pool/scap-security-guide
SHA256
17
0
Fork 1
Code Issues 1 Pull Requests Activity

Compare commits

base: pool:factory
Branches Tags
pool:factory pool:slfo-1.2 pool:slfo-main
..
compare: pool:slfo-main
Branches Tags
pool:factory pool:slfo-1.2 pool:slfo-main

1 Commits
factory ... slfo-main

Author SHA256 Message Date
svet-se
25cfa5d4e1 Remove the cis profiles from the tarball 2025-08-25 13:05:19 +03:00
4 changed files with 55 additions and 86 deletions
Expand all files Collapse all files

27
scap-security-guide.changes
View File

@@ -1,30 +1,3 @@
-------------------------------------------------------------------
Tue Dec 16 11:25:18 UTC 2025 - Boychev <svetlin.boychev@suse.com>
- updated to 0.1.79 (jsc#ECO-3319)
- Add rhcos4 Profile for BSI Grundschutz
- Create SLE15 general profile
- Fix crypto policy settings in RHEL CIS profiles
- Remove deprecated CIS OpenShift 1.4.0 and 1.5.0 profiles
- Remove OCP STIG V1R1
- Remove OCP STIG V2R1
- Various updates for SLE 12/15
-------------------------------------------------------------------
Mon Sep 29 11:36:05 UTC 2025 - Boychev <svetlin.boychev@suse.com>
- updated to 0.1.78 (jsc#ECO-3319)
- Enable SCE content for problematic rules that can traverse the whole filesystem
- Remove unnecessary Jinja2 macros in control files
- Update RHEL 8 STIG to V2R4 and RHEL 9 STIG to V2R5
- Add Debian 13 profile for ANSSI BP 28 (enhanced)
- Create SLEM5 General profile
- Create SL Micro 6 product and general profile
- Update SLE15 STIG version to V2R5
- Update SLE12 STIG version to V3R3
- Update SLEM5 STIG version to V1R2
- Remove the cis profiles from all products
-------------------------------------------------------------------
Thu Aug 21 08:24:36 UTC 2025 - Boychev <svetlin.boychev@suse.com>

108
scap-security-guide.spec
View File

@@ -42,7 +42,7 @@
%endif
Name: scap-security-guide
Version: 0.1.79
Version: 0.1.77
Release: 0
Summary: XCCDF files for SUSE Linux and openSUSE
License: BSD-3-Clause
@@ -50,7 +50,7 @@ URL: https://github.com/ComplianceAsCode/content
%if "%{_vendor}" == "debbuild"
Packager: SUSE Security Team <security@suse.de>
%endif
Source: https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
Source: v%{version}.tar.gz
# explicit require what is needed by the detection logic in the scripts
Requires: coreutils
@@ -158,7 +158,7 @@ Security Content Automation Protocol (SCAP) Security Guide for SUSE Linux.
This package contains XCCDF (Extensible Configuration Checklist
Description Format), OVAL (Open Vulnerability and Assessment
Language), CPE (Common Platform Enumeration) and DS (Data Stream)
files to run a compliance test on SLE12, SLE15, SLEM5, SLEM6 and openSUSE
files to run a compliance test on SLE12, SLE15, SLEM5 and openSUSE
SUSE supported in this version of scap-security-guide:
@@ -218,66 +218,62 @@ Note that the included profiles are community supplied and not officially suppor
%prep
%setup -q -n content-%version
# Remove CIS profiles
find products -type f -name 'cis*.profile' -delete
# Fail if any cis*.profile exists in under products/
# Fail if any cis*.profile exists in the tarball under products/
if find products -type f -name 'cis*.profile' | grep -q .; then
echo "ERROR: CIS profiles found under products/:"
echo "ERROR: CIS profiles found in the tarball under products/:"
find products -type f -name 'cis*.profile'
exit 1
fi
%build
cd build
cmake -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-DCMAKE_INSTALL_MANDIR=%{_mandir} \
-DSSG_PRODUCT_CHROMIUM=OFF \
-DSSG_PRODUCT_ALINUX2=OFF \
-DSSG_PRODUCT_ALINUX3=OFF \
-DSSG_PRODUCT_ALMALINUX9=ON \
-DSSG_PRODUCT_AL2023=OFF \
-DSSG_PRODUCT_DEBIAN9=ON \
-DSSG_PRODUCT_DEBIAN10=ON \
-DSSG_PRODUCT_DEFAULT=ON \
-DSSG_PRODUCT_EXAMPLE=OFF \
-DSSG_PRODUCT_FEDORA=ON \
-DSSG_PRODUCT_FIREFOX=OFF \
-DSSG_PRODUCT_FUSE6=OFF \
-DSSG_PRODUCT_JRE=OFF \
-DSSG_PRODUCT_MACOS1015=OFF \
-DSSG_PRODUCT_OCP4=OFF \
-DSSG_PRODUCT_KYLINSERVER10=OFF \
-DSSG_PRODUCT_OL7=ON \
-DSSG_PRODUCT_OL8=ON \
-DSSG_PRODUCT_OL9=ON \
-DSSG_PRODUCT_OPENSUSE=ON \
-DSSG_PRODUCT_OPENEMBEDDED=OFF \
-DSSG_PRODUCT_RHCOS4=ON \
-DSSG_PRODUCT_RHEL8=ON \
-DSSG_PRODUCT_RHEL9=ON \
-DSSG_PRODUCT_RHEL10=ON \
-DSSG_PRODUCT_CS10=ON \
-DSSG_PRODUCT_RHOSP10=ON \
-DSSG_PRODUCT_RHOSP13=ON \
-DSSG_PRODUCT_RHV4=ON \
-DSSG_PRODUCT_TENCENTOS4=ON \
-DSSG_PRODUCT_SLE12=ON \
-DSSG_PRODUCT_SLE15=ON \
-DSSG_PRODUCT_SLMICRO5=ON \
-DSSG_PRODUCT_SLMICRO6=ON \
-DSSG_PRODUCT_UBUNTU1604=ON \
-DSSG_PRODUCT_UBUNTU1804=ON \
-DSSG_PRODUCT_UBUNTU2004=ON \
-DSSG_PRODUCT_UBUNTU2204=ON \
-DSSG_PRODUCT_UOS20=OFF \
-DSSG_PRODUCT_VSEL=OFF \
-DSSG_PRODUCT_EKS=OFF \
-DSSG_PRODUCT_WRLINUX8=OFF \
-DSSG_PRODUCT_WRLINUX1019=OFF \
-DSSG_PRODUCT_ANOLIS8=OFF \
-DSSG_PRODUCT_ANOLIS23=OFF \
../
cmake -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-DCMAKE_INSTALL_MANDIR=%{_mandir} \
-DSSG_PRODUCT_CHROMIUM=OFF \
-DSSG_PRODUCT_ALINUX2=OFF \
-DSSG_PRODUCT_ALINUX3=OFF \
-DSSG_PRODUCT_ALMALINUX9=ON \
-DSSG_PRODUCT_AL2023=OFF \
-DSSG_PRODUCT_DEBIAN9=ON \
-DSSG_PRODUCT_DEBIAN10=ON \
-DSSG_PRODUCT_DEFAULT=ON \
-DSSG_PRODUCT_EXAMPLE=OFF \
-DSSG_PRODUCT_FEDORA=ON \
-DSSG_PRODUCT_FIREFOX=OFF \
-DSSG_PRODUCT_FUSE6=OFF \
-DSSG_PRODUCT_JRE=OFF \
-DSSG_PRODUCT_MACOS1015=OFF \
-DSSG_PRODUCT_OCP4=OFF \
-DSSG_PRODUCT_KYLINSERVER10=OFF \
-DSSG_PRODUCT_OL7=ON \
-DSSG_PRODUCT_OL8=ON \
-DSSG_PRODUCT_OL9=ON \
-DSSG_PRODUCT_OPENSUSE=ON \
-DSSG_PRODUCT_OPENEMBEDDED=OFF \
-DSSG_PRODUCT_RHCOS4=ON \
-DSSG_PRODUCT_RHEL8=ON \
-DSSG_PRODUCT_RHEL9=ON \
-DSSG_PRODUCT_RHEL10=ON \
-DSSG_PRODUCT_CS10=ON \
-DSSG_PRODUCT_RHOSP10=ON \
-DSSG_PRODUCT_RHOSP13=ON \
-DSSG_PRODUCT_RHV4=ON \
-DSSG_PRODUCT_TENCENTOS4=ON \
-DSSG_PRODUCT_SLE12=ON \
-DSSG_PRODUCT_SLE15=ON \
-DSSG_PRODUCT_SLMICRO5=ON \
-DSSG_PRODUCT_UBUNTU1604=ON \
-DSSG_PRODUCT_UBUNTU1804=ON \
-DSSG_PRODUCT_UBUNTU2004=ON \
-DSSG_PRODUCT_UBUNTU2204=ON \
-DSSG_PRODUCT_UOS20=OFF \
-DSSG_PRODUCT_VSEL=OFF \
-DSSG_PRODUCT_EKS=OFF \
-DSSG_PRODUCT_WRLINUX8=OFF \
-DSSG_PRODUCT_WRLINUX1019=OFF \
-DSSG_PRODUCT_ANOLIS8=OFF \
-DSSG_PRODUCT_ANOLIS23=OFF \
../
make
%install

BIN
v0.1.77.tar.gz LFS Normal file
View File

Binary file not shown.

BIN
v0.1.79.tar.gz LFS
View File

Binary file not shown.