Accepting request 976934 from home:jeff_mahoney:branches:security:sensor

- Update to upstream 0.6.4-2:
  * Reset nanny when client connection failed. (#1780)
  * Fix artifacts that use yara parameters to specify yara type (#1779)
  * Update release for bugfixes 0.6.4-2
  * Add update to ADSHunter for better output on complete system hunts (#28) (#1765)
  * SysmonInstall artifact now skips install if not needed (#1777)
  * Initial implementation of client side process tracker. (#1768)
  * Invalidate transformed cache when the base table changes. (#1742)
  * GUI Table widgets now can apply transformations on the table. (#1740)
  * Suppress warning message for offline collector (#1776)
  * Bug fix (#1774)
  * Avoid bash process lingering around while server is running (#1775)
  * oidc: Fix typo: Genric -> Generic (#1773)
  * Make MaxWait for event table settable. (#1772)
  * Fixed bug in Windows.Detection.Yara.Process (#1771)
  * fix: upgrade react-scripts from 5.0.0 to 5.0.1 (#1770)
  * Bugfix: Client did not update list of query columns (#1767)
  * Merge bugfixes from master branch. (#1769)
- Revendored dependencies.

- Update to version 0.6.4~git31.4298eab0:
  * Add artifact for chattrsnoop plugin
  * bpflib: ensure it's built only on linux and when requesting bpf
  * Add chattrsnoop plugin
  * tcpsnoop: Properly close module in case of attach error
  * Elastic.Events.Client: Update to use new artifactset type
  * Kafka.Events.Client: Update to use new artifactset type
  * artifacts: add artifactset parameter type
  * api: add type and description fields to v1/GetArtifacts endpoint
  * Add artifacts for dns/tcp snoop plugins

OBS-URL: https://build.opensuse.org/request/show/976934
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=17

_service

@@ -5,8 +5,9 @@
     <param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param>
     <param name="revision">sensor-base-0.6.4</param>
     <param name="scm">git</param>
-    <param name="parent-tag">v0.6.4-1</param>
-    <param name="versionrewrite-pattern">v(.*)-[0-9]</param>
+    <param name="parent-tag">v0.6.4-2</param>
+    <param name="versionrewrite-pattern">v([0-9\.]*)-(.*)</param>
+    <param name="versionrewrite-replacement">\1.\2</param>
     <param name="changesgenerate">enable</param>
     <param name="submodules">enable</param>
   </service>

_servicedata

@@ -1,6 +1,6 @@
 <servicedata>
 <service name="tar_scm">
-                <param name="url">https://github.com/SUSE/linux-security-sensor</param>
-              <param name="changesrevision">4298eab00c66e1654f31be67a5734746b9e66808</param></service><service name="tar_scm">
                 <param name="url">https://github.com/jeffmahoney/linux-security-sensor</param>
-              <param name="changesrevision">cb7dfd4978750bca1dc24e06c796adf5df5ca0e3</param></service></servicedata>
+              <param name="changesrevision">45393b11957049ed841f559cf9f3b88dc5a588d9</param></service><service name="tar_scm">
+                <param name="url">https://github.com/SUSE/linux-security-sensor</param>
+              <param name="changesrevision">45393b11957049ed841f559cf9f3b88dc5a588d9</param></service></servicedata>

update-vendoring.sh

@@ -53,7 +53,7 @@ cd "${dir}"
 mv vendor-golang-*${version}.tar.xz vendor-nodejs-${version}.tar.xz ${topdir}
 
 for spec in ${topdir}/*.spec; do
-    sed -i "s/^%define vendor_version.*/%define vendor_version %{version}/" ${spec}
+    sed -i "s/^%define vendor_version.*/%define vendor_version ${version}/" ${spec}
 done
 
 echo "Done"

velociraptor-0.6.4.2~git31.e1b7fc0e.obscpio

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:02c13973d8a025778b51c537e62cc669fc71c35c2ee019435e5e4d3c31b8b9b4
+size 35173389

velociraptor-0.6.4~git31.4298eab0.obscpio

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0322511eeb5b7a98ac4dc4eca714d0d06aa37b8ae960c0615316877d4a87833b
-size 35031565

velociraptor-client.changes

@@ -1,3 +1,42 @@
+-------------------------------------------------------------------
+Thu May 12 20:15:26 UTC 2022 - jeffm@suse.com
+
+- Update to upstream 0.6.4-2:
+  * Reset nanny when client connection failed. (#1780)
+  * Fix artifacts that use yara parameters to specify yara type (#1779)
+  * Update release for bugfixes 0.6.4-2
+  * Add update to ADSHunter for better output on complete system hunts (#28) (#1765)
+  * SysmonInstall artifact now skips install if not needed (#1777)
+  * Initial implementation of client side process tracker. (#1768)
+  * Invalidate transformed cache when the base table changes. (#1742)
+  * GUI Table widgets now can apply transformations on the table. (#1740)
+  * Suppress warning message for offline collector (#1776)
+  * Bug fix (#1774)
+  * Avoid bash process lingering around while server is running (#1775)
+  * oidc: Fix typo: Genric -> Generic (#1773)
+  * Make MaxWait for event table settable. (#1772)
+  * Fixed bug in Windows.Detection.Yara.Process (#1771)
+  * fix: upgrade react-scripts from 5.0.0 to 5.0.1 (#1770)
+  * Bugfix: Client did not update list of query columns (#1767)
+  * Merge bugfixes from master branch. (#1769)
+- Revendored dependencies.
+
+-------------------------------------------------------------------
+Thu May 12 19:21:56 UTC 2022 - jeffm@suse.com
+
+- Update to version 0.6.4~git31.4298eab0:
+  * Add artifact for chattrsnoop plugin
+  * bpflib: ensure it's built only on linux and when requesting bpf
+  * Add chattrsnoop plugin
+  * tcpsnoop: Properly close module in case of attach error
+  * Elastic.Events.Client: Update to use new artifactset type
+  * Kafka.Events.Client: Update to use new artifactset type
+  * artifacts: add artifactset parameter type
+  * api: add type and description fields to v1/GetArtifacts endpoint
+  * Add artifacts for dns/tcp snoop plugins
+  * tcpsnoop: Add timestamp to generated events
+  * dnssnoop: Add timestamp to generated events
+
 -------------------------------------------------------------------
 Thu May 12 17:54:31 UTC 2022 - jeffm@suse.com
 

velociraptor-client.spec

@@ -16,10 +16,10 @@
 #
 
 %define projname velociraptor
-%define vendor_version 0.6.4~git17.cb7dfd49
+%define vendor_version 0.6.4.2~git31.e1b7fc0e
 
 Name:           velociraptor-client
-Version:        0.6.4~git31.4298eab0
+Version:        0.6.4.2~git31.e1b7fc0e
 Release:        0
 Summary:        Endpoint visibility and collection tool (endpoint only)
 

velociraptor.changes

@@ -1,3 +1,26 @@
+-------------------------------------------------------------------
+Thu May 12 20:15:26 UTC 2022 - jeffm@suse.com
+
+- Update to upstream 0.6.4-2:
+  * Reset nanny when client connection failed. (#1780)
+  * Fix artifacts that use yara parameters to specify yara type (#1779)
+  * Update release for bugfixes 0.6.4-2
+  * Add update to ADSHunter for better output on complete system hunts (#28) (#1765)
+  * SysmonInstall artifact now skips install if not needed (#1777)
+  * Initial implementation of client side process tracker. (#1768)
+  * Invalidate transformed cache when the base table changes. (#1742)
+  * GUI Table widgets now can apply transformations on the table. (#1740)
+  * Suppress warning message for offline collector (#1776)
+  * Bug fix (#1774)
+  * Avoid bash process lingering around while server is running (#1775)
+  * oidc: Fix typo: Genric -> Generic (#1773)
+  * Make MaxWait for event table settable. (#1772)
+  * Fixed bug in Windows.Detection.Yara.Process (#1771)
+  * fix: upgrade react-scripts from 5.0.0 to 5.0.1 (#1770)
+  * Bugfix: Client did not update list of query columns (#1767)
+  * Merge bugfixes from master branch. (#1769)
+- Revendored dependencies.
+
 -------------------------------------------------------------------
 Thu May 12 17:54:31 UTC 2022 - jeffm@suse.com
 

velociraptor.obsinfo

@@ -1,4 +1,4 @@
 name: velociraptor
-version: 0.6.4~git31.4298eab0
-mtime: 1652378048
-commit: 4298eab00c66e1654f31be67a5734746b9e66808
+version: 0.6.4.2~git31.e1b7fc0e
+mtime: 1652386495
+commit: e1b7fc0e393db0f2f098ee8a181831df333c88e6

velociraptor.spec

@@ -16,10 +16,10 @@
 #
 
 %define projname velociraptor
-%define vendor_version 0.6.4~git17.cb7dfd49
+%define vendor_version 0.6.4.2~git31.e1b7fc0e
 
 Name:           velociraptor
-Version:        0.6.4~git31.4298eab0
+Version:        0.6.4.2~git31.e1b7fc0e
 Release:        0
 Summary:	Endpoint visibility and collection tool
 
@@ -66,7 +66,7 @@ For just the endpoint agent, please install the 'velociraptor-client' package.
 
 %package kafka-humio-gateway
 Summary: Gateway between Kafka and Humio for Velociraptor Artifacts
-Version: 0.6.4~git31.4298eab0
+Version: 0.6.4.2~git31.e1b7fc0e
 
 %description kafka-humio-gateway
 This tool is used to consume events generated by the Kafka Velociraptor plugin

vendor-golang-0.6.4.2~git31.e1b7fc0e.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5dad594f42ddcbebd18fe553ef5068081701561a72e229bd39ad99811a2fe39b
+size 7817752

vendor-golang-0.6.4~git17.cb7dfd49.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1267ce38995013e337ffc4c6665c79cdfc8423926e481b5daffdd76a98075899
-size 7833536

vendor-golang-kafka-humio-gateway-0.6.4.2~git31.e1b7fc0e.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:43bc2686bdf5fb270650c77cbff22e7728188a0e9d7eb010dfb84d8c5f484f14
+size 454376

vendor-golang-kafka-humio-gateway-0.6.4~git17.cb7dfd49.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0e1c01277e2932113ee52e35bee303bf326e485b3d40fc857381a0225823e2a8
-size 454244

vendor-nodejs-0.6.4.2~git31.e1b7fc0e.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:554186cd098a64de8979b4f4c7ecb09ed1a2e2ffb4db09cfd58da5b14b4e9d6b
+size 37044384

vendor-nodejs-0.6.4~git17.cb7dfd49.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:40af0767681c4b68ca31dfa2d0a9eb156c2e6e9995824f5ef93acfa60dc710d2
-size 37095216