Accepting request 1198315 from home:rchikov

- updated to 0.1.74 (jsc#ECO-3319) - Add Amazon Linux 2023 product (#12006) - Introduce new remediation type Kickstart (#12144) - Make PAM macros more flexible to variables (#12133) - Remove Debian 10 Product (#12205) - Remove Red Hat Enterprise Linux 7 product (#12093) - Update CIS RHEL9 control file to v2.0.0 (#12067) OBS-URL: https://build.opensuse.org/request/show/1198315 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=112
2024-09-02 14:26:03 +00:00 · 2024-09-02 14:26:03 +00:00 · af74b29b13
commit af74b29b13
7 changed files with 727 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.osc
--- a/7
+++ b/7
@ -0,0 +1,7 @@
+<constraints>
+  <hardware>
+    <disk>
+      <size unit="G">7</size>
+    </disk>
+  </hardware>
+</constraints>
--- a/scap-security-guide.changes
+++ b/scap-security-guide.changes
@ -0,0 +1,342 @@
+-------------------------------------------------------------------
+Mon Sep  2 13:58:50 UTC 2024 - Rumen Chikov <rumen.chikov@suse.com>
+
+- updated to 0.1.74 (jsc#ECO-3319)
+  - Add Amazon Linux 2023 product (#12006)
+  - Introduce new remediation type Kickstart (#12144)
+  - Make PAM macros more flexible to variables (#12133)
+  - Remove Debian 10 Product (#12205)
+  - Remove Red Hat Enterprise Linux 7 product (#12093)
+  - Update CIS RHEL9 control file to v2.0.0 (#12067)
+ 
+-------------------------------------------------------------------
+Fri May 31 07:52:33 UTC 2024 - Rumen Chikov <rumen.chikov@suse.com>
+
+- updated to 0.1.73 (jsc#ECO-3319)
+  - CMP 2417: Implement PCI-DSS v4.0 outline for OpenShift (#11651)
+  - Update all RHEL ANSSI BP028 profiles to be aligned with configuration recommendations version 2.0
+  - Generate rule references from control files (#11540)
+  - Initial implementation of STIG V1R1 profile for Ubuntu 22.04 LTS (#11820)
+
+-------------------------------------------------------------------
+Tue Feb 13 16:02:47 UTC 2024 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.72 (jsc#ECO-3319)
+  - ANSSI BP 028 profile for debian12 (#11368)
+  - Building on Windows (#11406)
+  - Control for BSI APP.4.4 (#11342)
+  - update to CIS RHEL 7 and RHEL 8 profiles aligning them with the latest benchmarks
+  - various fixes to SLE profiles
+- add openeuler to -redhat package
+- removed ssg-fix-journald.patch: fixed upstream
+
+-------------------------------------------------------------------
+Tue Dec 19 11:04:09 UTC 2023 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.71 (jsc#ECO-3319)
+  - Add RHEL 9 STIG
+  - Add support for Debian 12
+  - Update PCI-DSS profile for RHEL
+  - lots of bugfixes and improvements for SLE
+- removed left over file
+  0001-Revert-fix-aide-remediations-add-crontabs.patch upstreamed in 0.1.69
+
+-------------------------------------------------------------------
+Wed Dec  6 12:21:53 UTC 2023 - Marcus Meissner <meissner@suse.com>
+
+- ssg-fix-journald.patch: switch buggy journald plugindir remediation
+  to write into journald.conf. (bsc#1217832)
+
+-------------------------------------------------------------------
+Tue Oct 17 14:44:03 UTC 2023 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.70 (jsc#ECO-3319)
+  - Add openembedded distro support (#10793)
+  - Remove DRAFT wording for OpenShift STIG (#11100)
+  - Remove test-function-check_playbook_file_removed_and_added test (#10982)
+  - scap-security-guide: Add Poky support (#11046)
+
+-------------------------------------------------------------------
+Wed Aug  2 13:49:20 UTC 2023 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.69 (jsc#ECO-3319)
+  - Introduce a JSON build manifest (#10761)
+  - Introduce a script to compare ComplianceAsCode versions (#10768)
+  - Introduce CCN profiles for RHEL9 (#10860)
+  - Map rules to components (#10609)
+  - products/anolis23: supports Anolis OS 23 (#10548)
+  - Render components to HTML (#10709)
+  - Store rendered control files (#10656)
+  - Test and use rules to components mapping (#10693)
+  - Use distributed product properties (#10554)
+- 0001-Revert-fix-aide-remediations-add-crontabs.patch: removed, upstream
+
+-------------------------------------------------------------------
+Thu Jul 27 06:58:41 UTC 2023 - Marcus Meissner <meissner@suse.com>
+
+- 0001-Revert-fix-aide-remediations-add-crontabs.patch:
+  revert patch that breaks the SLE hardening (bsc#1213691)
+
+-------------------------------------------------------------------
+Thu Jun 15 15:40:16 UTC 2023 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.68 (jsc#ECO-3319)
+  - Bump OL8 STIG version to V1R6
+  - Introduce a Product class, make the project work with it
+  - Introduce Fedora and Firefox CaC profiles for common workstation users
+  - OL7 DISA STIG v2r11 update
+  - Publish rendered policy artifacts
+  - Update ANSSI BP-028 to version 2.0
+- updated to 0.1.67 (jsc#ECO-3319)
+  - Add utils/controlrefcheck.py
+  - RHEL 9 STIG Update Q1 2023
+  - Include warning for NetworkManager keyfiles in RHEL9
+  - OL7 stig v2r10 update
+  - Bump version of OL8 STIG to V1R5
+- various enhancements to SLE profiles
+- scap-security-guide-UnicodeEncodeError-character-fix.patch: fixed upstream
+
+-------------------------------------------------------------------
+Mon Feb  6 15:03:31 UTC 2023 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.66 (jsc#ECO-3319)
+  - Ubuntu 22.04 CIS
+  - OL7 stig v2r9 update
+  - Bump OL8 STIG version to V1R4
+  - Update RHEL7 STIG to V3R10
+  - Update RHEL8 STIG to V1R9
+  - Introduce CIS RHEL9 profiles
+- also various SUSE profile fixes were done
+
+-------------------------------------------------------------------
+Mon Dec  5 10:44:15 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.65 (jsc#ECO-3319)
+   - Introduce cui profile for OL9
+   - Remove Support for OVAL 5.10
+   - Rename account_passwords_pam_faillock_audit
+   - CI ansible hardening and rename of existing Bash hardening
+   - Update contributors list for v0.1.65 release
+   - various SUSE profile specific fixes
+
+-------------------------------------------------------------------
+Fri Nov 25 13:16:15 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- require sudo, as remediations touch sudo config or use sudo.
+
+-------------------------------------------------------------------
+Wed Oct  5 09:21:53 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- enable ubuntu 2204 build
+
+-------------------------------------------------------------------
+Sat Oct  1 08:56:49 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.64 (jsc#ECO-3319)
+   - Introduce ol9 stig profile
+   - Introduce Ol9 anssi profiles
+   - Update RHEL8 STIG to V1R7
+   - Introduce e8 profile for OL9
+   - Update RHEL7 STIG to V3R8
+   - some SUSE profile fixes
+
+-------------------------------------------------------------------
+Wed Sep 21 08:24:30 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- Added several RPM requires that are needed by the SUSE remediation
+  scripts. (e.g. awk is not necessary installed)
+
+-------------------------------------------------------------------
+Sat Jul 30 13:59:29 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.63 (jsc#ECO-3319)
+   - multiple bugfixes in SUSE profiles
+   - Expand project guidelines 
+   - Add Draft OCP4 STIG profile 
+   - Add anssi_bp28_intermediary profile 
+   - add products/uos20 to support UnionTech OS Server 20
+   - products/alinux3: Add CIS Alibaba Cloud Linux 3 profiles
+   - Remove WRLinux Products
+   - Update CIS RHEL8 Benchmark for v2.0.0
+- removed fix-bash-template.patch: fixed upstream
+- Fixed: stig: /etc/shadow group owner should not be root but shadow (bsc#1200149)
+- Fixed: sles15_script-stig.sh: remediation_functions: No such file or directory (bsc#1200163)
+- Fixed: SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity (bsc#1200122)
+
+-------------------------------------------------------------------
+Fri Jul 15 11:57:43 UTC 2022 - Julio González Gil <jgonzalez@suse.com>
+
+- Fix the build for RHEL 7 and clones (python-setuptools is used) 
+
+-------------------------------------------------------------------
+Wed Jul  6 09:26:15 UTC 2022 - Julio González Gil <jgonzalez@suse.com>
+
+- Fix the build for RHEL 9 and clones
+
+-------------------------------------------------------------------
+Mon Jun 27 12:59:21 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- fix-bash-template.patch: convert one bash emitter to new jinja method.
+  (bsc#1200163)
+
+-------------------------------------------------------------------
+Thu Jun  9 15:31:50 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- add python3-setuptools for all builds (so it is also used on debian 
+  and centos flavors)
+
+-------------------------------------------------------------------
+Mon May 30 12:48:54 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.62 (jsc#ECO-3319)
+  - Update rhel8 stig to v1r6
+  - OL7 STIG v2r7 update
+  - Initial definition of ANSSI BP28 minmal profile for SLE
+
+-------------------------------------------------------------------
+Mon Apr  4 08:40:40 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.61 (jsc#ECO-3319)
+  - Stop building PCI-DSS-centric XCCDF benchmark for RHEL 7
+  - Introduce OL9 product
+  - Implement handling of logical expressions in platform definitions
+
+-------------------------------------------------------------------
+Tue Feb 22 15:19:07 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- bump disk size constraints to 7gb to avoid occasional disk fulls failures.
+
+-------------------------------------------------------------------
+Thu Jan 27 13:43:18 UTC 2022 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.60 (jsc#ECO-3319)
+  - New draft stig profile v1r1 for OL8
+  - New product Amazon EKS platform and initial CIS profiles
+  - New product CentOS Stream 9, as a derivative from RHEL9 product
+
+-------------------------------------------------------------------
+Sat Nov 27 15:39:12 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.59 release (jsc#ECO-3319)
+  - Support for Debian 11
+  - NERC CIP profiles for OCP4 and RHCOS
+  - HIPAA profile for SLE15
+  - Delta Tailoring Files for STIG profiles
+
+-------------------------------------------------------------------
+Wed Oct  6 09:00:15 UTC 2021 - Alexander Bergmann <abergmann@suse.com>
+
+- Fix SLE-12 build issue caused by '\xb0' character (bsc#1191431).
+  - Add scap-security-guide-UnicodeEncodeError-character-fix.patch
+
+-------------------------------------------------------------------
+Fri Sep 24 15:16:30 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.58 release (jsc#ECO-3319)
+- Support for Script Checking Engine (SCE)
+- Split RHEL 8 CIS profile using new controls file format
+- CIS Profiles for SLE12
+- Initial Ubuntu 20.04 STIG Profiles
+- Addition of an automated CCE adder
+
+-------------------------------------------------------------------
+Tue Jul 13 14:41:16 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.57 release (jsc#ECO-3319)
+  - CIS profile for RHEL 7 is updated
+  - initial CIS profiles for Ubuntu 20.04
+  - Major improvement of RHEL 9 content
+  - new release process implemented using Github actions
+
+-------------------------------------------------------------------
+Wed Jun  2 15:03:42 UTC 2021 - Julio González Gil <jgonzalez@suse.com>
+
+- Specify the maintainer, for deb packages.
+
+-------------------------------------------------------------------
+Wed May 26 15:19:40 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.56 release (jsc#ECO-3319)
+  - Align ism_o profile with latest ISM SSP (#6878)
+  - Align RHEL 7 STIG profile with DISA STIG V3R3
+  - Creating new RHEL 7 STIG GUI profile (#6863)
+  - Creating new RHEL 8 STIG GUI profile (#6862)
+  - Add the RHEL9 product (#6801)
+  - Initial support for SUSE SLE-15 (#6666)
+  - add support for osbuild blueprint remediations (#6970)
+
+-------------------------------------------------------------------
+Wed Mar 24 13:25:26 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- updated to a intermediate GIT snapshot of 20210323 (jsc#ECO-3319)
+  - initial SLES15 STIG added
+  - more SLES 12 STIG work
+  - correct tables and cross references for SLES 12 and 15 STIG
+
+-------------------------------------------------------------------
+Fri Mar 19 15:08:35 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.55 release (jsc#ECO-3319)
+  - big update of rules used in SLES-12 STIG profile
+  - Render policy to HTML (#6532)
+  - Add variable support to yamlfile_value template (#6563)
+  - Introduce new template for dconf configuration files (#6118)
+- avoid some non sles12 sp2 available macros.
+
+-------------------------------------------------------------------
+Fri Mar 12 14:14:10 UTC 2021 - Julio González Gil <jgonzalez@suse.com>
+
+- Add the redhat conflict for packages built on redhat clones
+  or Fedora
+
+-------------------------------------------------------------------
+Fri Feb 26 08:45:24 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- remove redhat conflict.
+
+-------------------------------------------------------------------
+Sun Feb  7 10:42:34 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- added Redhat, Debian, Ubuntu products, split off into seperate
+  packages for size.
+
+-------------------------------------------------------------------
+Wed Feb  3 23:55:30 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
+
+- Update descriptions, modernize specfile constructs.
+
+-------------------------------------------------------------------
+Wed Feb  3 14:07:22 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.54 version
+
+-------------------------------------------------------------------
+Wed Feb  3 10:23:50 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- updated to 0.1.53 version, adjusted some things.
+
+-------------------------------------------------------------------
+Tue May 14 11:55:47 UTC 2019 - Brice DEKANY <brice.dekany@suse.com>
+
+- New specfile
+- build for openSUSE + Backport
+
+-------------------------------------------------------------------
+Tue May 14 11:27:26 UTC 2019 - Brice DEKANY <brice.dekany@suse.com>
+
+- Switch to new formating from ComplianceAsCode
+- Project is now hosted by github.com/openSUSE
+
+-------------------------------------------------------------------
+Fri Mar 16 12:12:56 UTC 2018 - brice.dekany@suse.com
+
+- Add a first batch of SEVERITY CAT II Rules
+-------------------------------------------------------------------
+Wed Jan 17 10:14:09 UTC 2018 - brice.dekany@suse.com
+
+- Add fixes for SEVERITY CAT I 
+
+-------------------------------------------------------------------
+Thu Jan  4 21:05:16 UTC 2018 - brice.dekany@suse.com
+
+- Initial version of xccdf for Severty CAT I
--- a/scap-security-guide.spec
+++ b/scap-security-guide.spec
@ -0,0 +1,348 @@
+#
+# spec file for package scap-security-guide
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%if ! (0%{?fedora} || 0%{?rhel} > 5)
+%if "%{_vendor}" == "debbuild"
+%global __python /usr/bin/python3
+%endif
+%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
+%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
+%endif
+
+%if 0%{?fedora} || 0%{?rhel} >= 8
+%{!?pylint_check: %global pylint_check 0}
+%endif
+
+%if 0%{?fedora} || 0%{?suse_version} > 1320 || 0%{?rhel} >= 8 || "%{_vendor}" == "debbuild"
+%global build_py3   1
+%if "%{_vendor}" != "debbuild"
+%global python_sitelib %{python3_sitelib}
+%endif
+%endif
+
+%if 0%{?fedora} || 0%{?rhel} >= 8
+%global python2prefix python2
+%else
+%global python2prefix python
+%endif
+
+Name:           scap-security-guide
+Version:        0.1.74
+Release:        0
+Summary:        XCCDF files for SUSE Linux and openSUSE
+License:        BSD-3-Clause
+Group:          Productivity/Security
+URL:            https://github.com/ComplianceAsCode/content
+%if "%{_vendor}" == "debbuild"
+Packager:       SUSE Security Team <security@suse.de>
+%endif
+Source:         https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
+
+# explicit require what is needed by the detection logic in the scripts
+Requires:       coreutils
+Requires:       findutils
+Requires:       gawk
+Requires:       grep
+Requires:       sed
+Requires:       sudo
+Requires:       zypper
+
+BuildRequires:  cmake
+
+%if "%{_vendor}" == "debbuild"
+%{!?_licensedir:%global license %%doc}
+BuildRequires:  libopenscap8
+BuildRequires:  libxml2-utils
+BuildRequires:  libxslt1.1
+BuildRequires:  xsltproc
+%else
+BuildRequires:  libxslt
+BuildRequires:  openscap-utils
+%endif
+
+%if 0%{?rhel} == 7
+BuildRequires:  python-setuptools
+%else
+BuildRequires:  python3-setuptools
+%endif
+
+%if 0%{?rhel} == 8
+BuildRequires:  python3
+%endif
+
+%if 0%{?suse_version}
+BuildRequires:  python3-xml
+%endif
+
+%if 0%{?rhel} == 7
+BuildRequires:  PyYAML
+%else
+%if 0%{?rhel} == 8
+BuildRequires:  python3-pyyaml
+%else
+%if "%{_vendor}" == "debbuild"
+BuildRequires:  python3-yaml
+%else
+BuildRequires:  python3-PyYAML
+%endif
+%endif
+%endif
+
+%if 0%{?rhel} == 7
+BuildRequires:  python-jinja2
+%else
+%if 0%{?rhel} >= 8
+BuildRequires:  python3-jinja2
+%else
+%if "%{_vendor}" == "debbuild"
+BuildRequires:  python3-jinja2
+%else
+BuildRequires:  python3-Jinja2
+%endif
+%endif
+%endif
+
+BuildRequires:  expat
+BuildRequires:  libxml2
+# not on SLES currently
+%if 0%{?is_opensuse} || 0%{?fedora} || "%{_vendor}" == "debbuild"
+BuildRequires:  ansible
+%endif
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+BuildArch:      noarch
+
+%description
+Security Content Automation Protocol (SCAP) Security Guide for SUSE Linux.
+
+This package contains XCCDF (Extensible Configuration Checklist
+Description Format), OVAL (Open Vulnerability and Assessment
+Language), CPE (Common Platform Enumeration) and DS (Data Stream)
+files to run a compliance test on SLE12, SLE15 and openSUSE
+
+SUSE supported in this version of scap-security-guide:
+
+- DISA STIG profile for SUSE Linux Enterprise Server 12 and 15
+- ANSSI-BP-028 profile for SUSE Linux Enterprise Server 12 and 15
+- PCI-DSS profile for SUSE Linux Enterprise Server 12 and 15
+- HIPAA profile for SUSE Linux Enterprise Server 12 and 15
+- CIS profile for SUSE Linux Enterprise Server 12 and 15
+- Hardening for Public Cloud Image of SUSE Linux Enterprise Server for SAP Applications 15
+- Public Cloud Hardening for SUSE Linux Enterprise 15
+
+Other profiles, like the Standard System Security Profile for SUSE Linux Enterprise 12 and 15,
+are community supplied and not officially supported by SUSE.
+
+%package redhat
+Summary:        XCCDF files for RHEL, CentOS, Fedora and ScientificLinux
+Group:          Productivity/Security
+%if 0%{?fedora} || 0%{?rhel}
+Conflicts:      scap-security-guide
+%endif
+
+%description redhat
+Security Content Automation Protocol (SCAP) Security Guide for Redhat/Fedora/CentOS/OracleLinux/ScientificLinux.
+
+This package contains XCCDF (Extensible Configuration Checklist
+Description Format), OVAL (Open Vulnerability and Assessment
+Language), CPE (Common Platform Enumeration) and DS (Data Stream)
+files to run a compliance test on various Redhat products, CentOS, Oracle Linux, Fedora and ScientificLinux.
+
+Note that the included profiles are community supplied and not officially supported by SUSE..
+
+%package debian
+Summary:        XCCDF files for Debian
+Group:          Productivity/Security
+
+%description debian
+Security Content Automation Protocol (SCAP) Security Guide for Debian.
+
+This package contains XCCDF (Extensible Configuration Checklist
+Description Format), OVAL (Open Vulnerability and Assessment
+Language), CPE (Common Platform Enumeration) and DS (Data Stream)
+files to run a compliance test on Debian.
+
+Note that the included profiles are community supplied and not officially supported by SUSE..
+
+%package ubuntu
+Summary:        XCCDF files for Ubuntu
+Group:          Productivity/Security
+
+%description ubuntu
+Security Content Automation Protocol (SCAP) Security Guide for Ubuntu.
+
+This package contains XCCDF (Extensible Configuration Checklist
+Description Format), OVAL (Open Vulnerability and Assessment
+Language), CPE (Common Platform Enumeration) and DS (Data Stream)
+files to run a compliance test on Ubuntu.
+
+Note that the included profiles are community supplied and not officially supported by SUSE..
+
+%prep
+%setup -q -n content-%version
+
+%build
+cd build
+cmake -DCMAKE_INSTALL_PREFIX=%{_prefix} \
+      -DCMAKE_INSTALL_MANDIR=%{_mandir} \
+      -DSSG_PRODUCT_CHROMIUM=OFF \
+	 -DSSG_PRODUCT_ALINUX2=OFF \
+	 -DSSG_PRODUCT_ALINUX3=OFF \
+	 -DSSG_PRODUCT_DEBIAN9=ON \
+	 -DSSG_PRODUCT_DEBIAN10=ON \
+	 -DSSG_PRODUCT_DEFAULT=ON \
+	 -DSSG_PRODUCT_EXAMPLE=OFF \
+	 -DSSG_PRODUCT_FEDORA=ON \
+	 -DSSG_PRODUCT_FIREFOX=OFF \
+	 -DSSG_PRODUCT_FUSE6=OFF \
+	 -DSSG_PRODUCT_JRE=OFF \
+	 -DSSG_PRODUCT_MACOS1015=OFF \
+	 -DSSG_PRODUCT_OCP4=OFF \
+	 -DSSG_PRODUCT_OL7=ON \
+	 -DSSG_PRODUCT_OL8=ON \
+	 -DSSG_PRODUCT_OL9=ON \
+	 -DSSG_PRODUCT_OPENSUSE=ON \
+	 -DSSG_PRODUCT_OPENEMBEDDED=OFF \
+	 -DSSG_PRODUCT_RHCOS4=ON \
+	 -DSSG_PRODUCT_RHEL7=ON \
+	 -DSSG_PRODUCT_RHEL8=ON \
+	 -DSSG_PRODUCT_RHEL9=ON \
+	 -DSSG_PRODUCT_RHOSP10=ON \
+	 -DSSG_PRODUCT_RHOSP13=ON \
+	 -DSSG_PRODUCT_RHV4=ON \
+	 -DSSG_PRODUCT_SLE12=ON \
+	 -DSSG_PRODUCT_SLE15=ON \
+	 -DSSG_PRODUCT_UBUNTU1604=ON \
+	 -DSSG_PRODUCT_UBUNTU1804=ON \
+	 -DSSG_PRODUCT_UBUNTU2004=ON \
+	 -DSSG_PRODUCT_UBUNTU2204=ON \
+	 -DSSG_PRODUCT_UOS20=OFF \
+         -DSSG_PRODUCT_VSEL=OFF \
+         -DSSG_PRODUCT_EKS=OFF \
+         -DSSG_PRODUCT_WRLINUX8=OFF \
+         -DSSG_PRODUCT_WRLINUX1019=OFF \
+         -DSSG_PRODUCT_ANOLIS8=OFF \
+         -DSSG_PRODUCT_ANOLIS23=OFF \
+         ../
+make
+
+%install
+cd build/
+make install DESTDIR=%buildroot
+
+%files
+%if "%{_vendor}" != "debbuild"
+%license LICENSE
+%endif
+%dir %{_datadir}/doc/scap-security-guide/
+%{_datadir}/doc/scap-security-guide/Contributors.md
+%{_datadir}/doc/scap-security-guide/README.md
+%{_datadir}/doc/scap-security-guide/LICENSE
+%dir %{_datadir}/doc/scap-security-guide/guides/
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-sle*
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-opensuse*
+%dir %{_datadir}/doc/scap-security-guide/tables/
+%doc %{_datadir}/doc/scap-security-guide/tables/table-sle*
+%doc %{_mandir}/man8/scap-security-guide.8.gz
+%dir %{_datadir}/scap-security-guide/
+%dir %{_datadir}/scap-security-guide/ansible/
+%dir %{_datadir}/scap-security-guide/bash/
+%dir %{_datadir}/scap-security-guide/kickstart/
+%{_datadir}/scap-security-guide/*/opensuse*
+%{_datadir}/scap-security-guide/*/sle*
+%dir %{_datadir}/xml/scap/
+%dir %{_datadir}/xml/scap/ssg/
+%dir %{_datadir}/xml/scap/ssg/content/
+%{_datadir}/xml/scap/ssg/content/*-sle*
+%{_datadir}/xml/scap/ssg/content/*-opensuse*
+
+%files redhat
+%if "%{_vendor}" != "debbuild"
+%license LICENSE
+%endif
+%dir %{_datadir}/doc/scap-security-guide/guides/
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-centos*
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-cs9*
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-fedora*
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-ol*
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-openeuler*
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-rh*
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-sl7*
+%dir %{_datadir}/doc/scap-security-guide/tables/
+%doc %{_datadir}/doc/scap-security-guide/tables/table-ol*
+%doc %{_datadir}/doc/scap-security-guide/tables/table-rh*
+%dir %{_datadir}/doc/scap-security-guide/
+%dir %{_datadir}/scap-security-guide/
+%dir %{_datadir}/scap-security-guide/ansible/
+%dir %{_datadir}/scap-security-guide/tailoring/
+%dir %{_datadir}/scap-security-guide/bash/
+%dir %{_datadir}/scap-security-guide/kickstart/
+%{_datadir}/scap-security-guide/*/*centos*
+%{_datadir}/scap-security-guide/*/*cs9*
+%{_datadir}/scap-security-guide/*/*fedora*
+%{_datadir}/scap-security-guide/*/*ol*
+%{_datadir}/scap-security-guide/*/*openeuler*
+%{_datadir}/scap-security-guide/*/*rh*
+%{_datadir}/scap-security-guide/*/*sl7*
+%dir %{_datadir}/xml/scap/
+%dir %{_datadir}/xml/scap/ssg/
+%dir %{_datadir}/xml/scap/ssg/content/
+%{_datadir}/xml/scap/ssg/content/*-centos*
+%{_datadir}/xml/scap/ssg/content/*-cs9*
+%{_datadir}/xml/scap/ssg/content/*-fedora*
+%{_datadir}/xml/scap/ssg/content/*-ol*
+%{_datadir}/xml/scap/ssg/content/*-openeuler*
+%{_datadir}/xml/scap/ssg/content/*-rh*
+%{_datadir}/xml/scap/ssg/content/*-sl7*
+
+%files debian
+%if "%{_vendor}" != "debbuild"
+%license LICENSE
+%endif
+%dir %{_datadir}/doc/scap-security-guide/guides/
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-debian*
+%dir %{_datadir}/doc/scap-security-guide/tables/
+%dir %{_datadir}/doc/scap-security-guide/
+%dir %{_datadir}/scap-security-guide/
+%dir %{_datadir}/scap-security-guide/ansible/
+%dir %{_datadir}/scap-security-guide/bash/
+%dir %{_datadir}/scap-security-guide/kickstart/
+%{_datadir}/scap-security-guide/*/*debian*
+%dir %{_datadir}/xml/scap/
+%dir %{_datadir}/xml/scap/ssg/
+%dir %{_datadir}/xml/scap/ssg/content/
+%{_datadir}/xml/scap/ssg/content/*-debian*
+
+%files ubuntu
+%if "%{_vendor}" != "debbuild"
+%license LICENSE
+%endif
+%dir %{_datadir}/doc/scap-security-guide/guides/
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-ubuntu*
+%dir %{_datadir}/doc/scap-security-guide/tables/
+%dir %{_datadir}/doc/scap-security-guide/
+%dir %{_datadir}/scap-security-guide/
+%dir %{_datadir}/scap-security-guide/ansible/
+%dir %{_datadir}/scap-security-guide/bash/
+%dir %{_datadir}/scap-security-guide/kickstart/
+%{_datadir}/scap-security-guide/*/*ubuntu*
+%dir %{_datadir}/xml/scap/
+%dir %{_datadir}/xml/scap/ssg/
+%dir %{_datadir}/xml/scap/ssg/content/
+%{_datadir}/xml/scap/ssg/content/*-ubuntu*
+
+%changelog
--- a/v0.1.73.tar.gz
+++ b/v0.1.73.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4775f07e279f52e069bf2bc152c28d915a36f0d6ade7c01b498a85f96c285fa4
+size 10550630
--- a/v0.1.74.tar.gz
+++ b/v0.1.74.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a88612e3f7b609fae910f4bce0c6362df80aa396ec533aab868f5c155f86239b
+size 10518768