pool/openscap
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 764315 from security

Browse Source 
- openscap 1.3.1
  - the test suite and build scripts were improved to support Debian 10
  - offline mode has received some love with a set of dedicated tests and various fixes in OVAL probes;
  - the oscap-docker wrapper is no longer dependent on Atomic 
  - Python binding are now more robust 
  - HTML reports and guides, generated by the scanner, are now more accessible for non-visual rendering agents 
  - Support of multi-check rules has been improved across the whole workflow 
  There are other changes as well, here is the list:
  * New features
    - Offline mode support for environmentvariable58 probe
    - The oscap-docker wrapper is available without Atomic
  + Maintenance, bug fixes
    - Improved support of multi-check rules (report, remediations, console output)
    - Improved HTML report look and feel, including printed version
    - Less clutter in verbose mode output; some warnings and errors demoted to verbose mode levels
    - Probe rpmverifyfile uses and returns canonical paths
    - Improved a11y of HTML reports and guides
    - Fixes and improvements for SWIG Python bindings
    - #1403 fixed: Scanner would not apply remediation for multicheck rules (verbosity)
    - Fixed URL link mechanism for Red Hat Errata
    - New STIG Viewer URI: public.cyber.mil
    - Probe selinuxsecuritycontext would not check if SELinux is enabled
    - Scanner would provide information about unsupported OVAL objects
    - Added more tests for offline mode (probes, remediation)
    - #528 fixed: Eval SCE script when /tmp is in mode noexec
    - #1173, RHBZ#1603347 fixed: Double chdir/chroot in probe rpmverifypackage

OBS-URL: https://build.opensuse.org/request/show/764315
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openscap?expand=0&rev=63
This commit is contained in:
Dominique Leuenberger 2020-01-14 20:10:52 +00:00 committed by Git OBS Bridge
commit 0907bf39f6
4 changed files with 38 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
1.3.2.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3ab3a8e9b4f1ec727fafe5d7325b34c6bc4b0ce87ac5ca42f5c965b6ee6c94bd
size 12360113

3
openscap-1.3.1+git.20200110.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0624c283f9a6da2cce858d1ccdbd52c6b375b158bd244d3ddc424eaafe63f5ae
size 7951975

32
openscap.changes
View File

@ -1,3 +1,35 @@
-------------------------------------------------------------------
Tue Jan 14 13:43:11 UTC 2020 - Marcus Meissner <meissner@suse.com>
- openscap 1.3.1
- the test suite and build scripts were improved to support Debian 10
- offline mode has received some love with a set of dedicated tests and various fixes in OVAL probes;
- the oscap-docker wrapper is no longer dependent on Atomic
- Python binding are now more robust
- HTML reports and guides, generated by the scanner, are now more accessible for non-visual rendering agents
- Support of multi-check rules has been improved across the whole workflow
There are other changes as well, here is the list:
* New features
- Offline mode support for environmentvariable58 probe
- The oscap-docker wrapper is available without Atomic
+ Maintenance, bug fixes
- Improved support of multi-check rules (report, remediations, console output)
- Improved HTML report look and feel, including printed version
- Less clutter in verbose mode output; some warnings and errors demoted to verbose mode levels
- Probe rpmverifyfile uses and returns canonical paths
- Improved a11y of HTML reports and guides
- Fixes and improvements for SWIG Python bindings
- #1403 fixed: Scanner would not apply remediation for multicheck rules (verbosity)
- Fixed URL link mechanism for Red Hat Errata
- New STIG Viewer URI: public.cyber.mil
- Probe selinuxsecuritycontext would not check if SELinux is enabled
- Scanner would provide information about unsupported OVAL objects
- Added more tests for offline mode (probes, remediation)
- #528 fixed: Eval SCE script when /tmp is in mode noexec
- #1173, RHBZ#1603347 fixed: Double chdir/chroot in probe rpmverifypackage
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Jan 11 17:24:21 UTC 2020 - Marcus Meissner <meissner@suse.com> Sat Jan 11 17:24:21 UTC 2020 - Marcus Meissner <meissner@suse.com>

6
openscap.spec
View File

@ -25,11 +25,11 @@
%define with_bindings 0 %define with_bindings 0
Name: openscap Name: openscap
Version: 1.3.1+git.20200110 Version: 1.3.2
Release: 0 Release: 0
#Source: https://github.com/OpenSCAP/openscap/archive/%{version}.tar.gz Source: https://github.com/OpenSCAP/openscap/archive/%{version}.tar.gz
# temp snapshot to make it build with new RPM before 1.3.2 # temp snapshot to make it build with new RPM before 1.3.2
Source: openscap-%version.tar.bz2 #Source: openscap-%version.tar.bz2
Source1: openscap-rpmlintrc Source1: openscap-rpmlintrc
Source2: sysconfig.oscap-scan Source2: sysconfig.oscap-scan
# SUSE specific profile, based on yast2-security checks. # SUSE specific profile, based on yast2-security checks.