Accepting request 1075011 from home:kwk:branches:security

- Update to version 1.3.7: * openscap-1.3.7 * Bump soname from 25.5.0 to 25.5.1 * Bump version to openscap-1.3.7 * Fix typos in docs * Remove a check for suspicious files * Add debian_evr_string tests to CMakeLists * Add a few unittests for debian_evr_string * Remove To be done * Move release guide to upstream - add 0005-rename-requires-reqs-for-C-20-compatibility.patch - rename patches openscap-opensuse-cpe.patch to 0001-Add-openSUSE-cpe-links.patch openscap-suse-cpe.patch to 0002-Add-SUSE-cpe-links.patch openscap-docker-add-suse.patch to 0003-Use-openSUSE-SUSE-cpe-links.patch oscap-remediate.service.in.patch to 0004-oscap-remediate-is-located-in-bindir.patch - drop 0001-Use-correct-includes.patch (upstream) OBS-URL: https://build.opensuse.org/request/show/1075011 OBS-URL: https://build.opensuse.org/package/show/security/openscap?expand=0&rev=281
2023-03-28 15:25:19 +00:00 · 2023-03-28 15:25:19 +00:00 · 0aea1b618f
commit 0aea1b618f
parent c38fca9782
13 changed files with 200 additions and 124 deletions
--- a/0001-Add-openSUSE-cpe-links.patch
+++ b/0001-Add-openSUSE-cpe-links.patch
@ -1,7 +1,17 @@
-Index: openscap-1.3.6/cpe/openscap-cpe-dict.xml
+From 48685f390b865f6edd7df8dba955c03dff6045e8 Mon Sep 17 00:00:00 2001
-===================================================================
+From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
--- openscap-1.3.6.orig/cpe/openscap-cpe-dict.xml
+Date: Tue, 28 Mar 2023 12:02:43 +0200
-+++ openscap-1.3.6/cpe/openscap-cpe-dict.xml
+Subject: [PATCH 1/5] Add openSUSE cpe links
 ---
 cpe/openscap-cpe-dict.xml |  24 +++++++
 cpe/openscap-cpe-oval.xml | 127 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 151 insertions(+)
 diff --git a/cpe/openscap-cpe-dict.xml b/cpe/openscap-cpe-dict.xml
 index 02d5361..cf52bee 100644
 --- a/cpe/openscap-cpe-dict.xml
 +++ b/cpe/openscap-cpe-dict.xml
@@ -53,4 +53,28 @@
             <title xml:lang="en-us">Fedora 35</title>
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.fedora:def:35</check>
@ -31,10 +41,10 @@ Index: openscap-1.3.6/cpe/openscap-cpe-dict.xml
 +            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:9999</check>
 +      </cpe-item>
 </cpe-list>
-Index: openscap-1.3.6/cpe/openscap-cpe-oval.xml
+diff --git a/cpe/openscap-cpe-oval.xml b/cpe/openscap-cpe-oval.xml
-===================================================================
+index 6409940..a402c7f 100644
--- openscap-1.3.6.orig/cpe/openscap-cpe-oval.xml
+--- a/cpe/openscap-cpe-oval.xml
-+++ openscap-1.3.6/cpe/openscap-cpe-oval.xml
+++ b/cpe/openscap-cpe-oval.xml
@@ -690,6 +690,84 @@
                         <criterion comment="openSUSE Leap 15.0 is installed" test_ref="oval:org.open-scap.cpe.opensuse:tst:150"/>
                   </criteria>
@ -183,3 +193,6 @@ Index: openscap-1.3.6/cpe/openscap-cpe-oval.xml
             <textfilecontent54_state
                             id="oval:org.open-scap.cpe.wrlinux-release:ste:8"
                             comment="Check the /etc/wrlinux-release file for VERSION 8 specification."
 -- 
 2.40.0
--- a/0001-Use-correct-includes.patch
+++ b/0001-Use-correct-includes.patch
@ -1,61 +0,0 @@
 From 8dec1bb5e9546e75ae6e7b7cf94cf00197ce3e5d Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
 Date: Tue, 24 May 2022 12:15:44 +0200
 Subject: [PATCH] Use correct includes
 rpmvercmp is defined in rpm/rpmver.h
 risdigit is defined in rpm/rpmstring.h
 Resolves: rhbz#2080210
 ---
 cmake/FindRPM.cmake                    | 3 +++
 config.h.in                            | 1 +
 src/OVAL/results/oval_cmp_evr_string.c | 5 +++++
 3 files changed, 9 insertions(+)
 diff --git a/cmake/FindRPM.cmake b/cmake/FindRPM.cmake
 index a666942ea..369d153fc 100644
 --- a/cmake/FindRPM.cmake
 +++ b/cmake/FindRPM.cmake
@@ -30,6 +30,9 @@ set(RPM_VERSION ${RPM_PKGCONF_VERSION})
 if(RPM_VERSION)
 	string(COMPARE GREATER "4.6" ${RPM_VERSION} RPM46_FOUND)
 	string(COMPARE GREATER "4.7" ${RPM_VERSION} RPM47_FOUND)
 +	if(NOT (RPM_VERSION VERSION_LESS "4.18"))
 +		set(RPM418_FOUND 1)
 +	endif()
 endif()
 # Set the include dir variables and the libraries and let libfind_process do the rest.
 diff --git a/config.h.in b/config.h.in
 index 1b7285582..bb1428afc 100644
 --- a/config.h.in
 +++ b/config.h.in
@@ -44,6 +44,7 @@
 #cmakedefine HAVE_RPMVERCMP
 #cmakedefine RPM46_FOUND
 #cmakedefine RPM47_FOUND
 +#cmakedefine RPM418_FOUND
 #cmakedefine BZIP2_FOUND
 diff --git a/src/OVAL/results/oval_cmp_evr_string.c b/src/OVAL/results/oval_cmp_evr_string.c
 index 3bfc8ce5f..3ba0fa0cb 100644
 --- a/src/OVAL/results/oval_cmp_evr_string.c
 +++ b/src/OVAL/results/oval_cmp_evr_string.c
@@ -37,7 +37,12 @@
 #include "common/_error.h"
 #ifdef HAVE_RPMVERCMP
 +#ifdef RPM418_FOUND
 +#include <rpm/rpmver.h>
 +#include <rpm/rpmstring.h>
 +#else
 #include <rpm/rpmlib.h>
 +#endif
 #else
 #ifdef OS_WINDOWS
 #include <malloc.h>
 -- 
 2.35.3
--- a/0002-Add-SUSE-cpe-links.patch
+++ b/0002-Add-SUSE-cpe-links.patch
@ -1,8 +1,18 @@
-Index: openscap-1.3.5/cpe/openscap-cpe-dict.xml
+From 8ef63951ad8e87a65cb252601a03bd958631f94c Mon Sep 17 00:00:00 2001
-===================================================================
+From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
--- openscap-1.3.5.orig/cpe/openscap-cpe-dict.xml
+Date: Tue, 28 Mar 2023 12:04:28 +0200
-+++ openscap-1.3.5/cpe/openscap-cpe-dict.xml
+Subject: [PATCH 2/5] Add SUSE cpe links
-@@ -69,4 +69,20 @@
+
 ---
 cpe/openscap-cpe-dict.xml | 16 +++++++++++++++
 cpe/openscap-cpe-oval.xml | 42 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+)
 diff --git a/cpe/openscap-cpe-dict.xml b/cpe/openscap-cpe-dict.xml
 index cf52bee..85917a8 100644
 --- a/cpe/openscap-cpe-dict.xml
 +++ b/cpe/openscap-cpe-dict.xml
@@ -77,4 +77,20 @@
             <title xml:lang="en-us">openSUSE Tumbleweed</title>
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:9999</check>
       </cpe-item>
@ -23,11 +33,11 @@ Index: openscap-1.3.5/cpe/openscap-cpe-dict.xml
 +            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.sled:def:15</check>
 +      </cpe-item>
 </cpe-list>
-Index: openscap-1.3.5/cpe/openscap-cpe-oval.xml
+diff --git a/cpe/openscap-cpe-oval.xml b/cpe/openscap-cpe-oval.xml
-===================================================================
+index a402c7f..531297b 100644
--- openscap-1.3.5.orig/cpe/openscap-cpe-oval.xml
+--- a/cpe/openscap-cpe-oval.xml
-+++ openscap-1.3.5/cpe/openscap-cpe-oval.xml
+++ b/cpe/openscap-cpe-oval.xml
-@@ -742,6 +742,32 @@
+@@ -768,6 +768,32 @@
                         <criterion comment="openSUSE Tumbleweed is installed" test_ref="oval:org.open-scap.cpe.opensuse:tst:9999"/>
                   </criteria>
             </definition>
@ -60,7 +70,7 @@ Index: openscap-1.3.5/cpe/openscap-cpe-oval.xml
             <definition class="inventory" id="oval:org.open-scap.cpe.wrlinux:def:1" version="1" >
                   <metadata>
                         <title>Wind River Linux</title>
-@@ -1084,6 +1110,11 @@
+@@ -1110,6 +1136,11 @@
                   <object object_ref="oval:org.open-scap.cpe.sles-release:obj:1"/>
                   <state state_ref="oval:org.open-scap.cpe.sles:ste:12"/>
             </rpminfo_test>
@ -72,7 +82,7 @@ Index: openscap-1.3.5/cpe/openscap-cpe-oval.xml
             <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sled:tst:10" version="1" check="at least one" comment="sled-release is version 10"
                   xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
                   <object object_ref="oval:org.open-scap.cpe.sled-release:obj:1"/>
-@@ -1099,6 +1130,11 @@
+@@ -1125,6 +1156,11 @@
                   <object object_ref="oval:org.open-scap.cpe.sled-release:obj:1"/>
                   <state state_ref="oval:org.open-scap.cpe.sled:ste:12"/>
             </rpminfo_test>
@ -84,7 +94,7 @@ Index: openscap-1.3.5/cpe/openscap-cpe-oval.xml
             <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.opensuse:tst:1" version="1" check="at least one" comment="openSUSE-release is version 11.4"
                   xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
                   <object object_ref="oval:org.open-scap.cpe.openSUSE-release:obj:1"/>
-@@ -1454,6 +1490,9 @@
+@@ -1490,6 +1526,9 @@
             <rpminfo_state id="oval:org.open-scap.cpe.sles:ste:12" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
                   <version operation="pattern match">^12($|[^\d])</version>
             </rpminfo_state>
@ -94,7 +104,7 @@ Index: openscap-1.3.5/cpe/openscap-cpe-oval.xml
             <rpminfo_state id="oval:org.open-scap.cpe.sled:ste:10" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
                   <version operation="pattern match">^10($|[^\d])</version>
             </rpminfo_state>
-@@ -1463,6 +1502,9 @@
+@@ -1499,6 +1538,9 @@
             <rpminfo_state id="oval:org.open-scap.cpe.sled:ste:12" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
                   <version operation="pattern match">^12($|[^\d])</version>
             </rpminfo_state>
@ -104,3 +114,6 @@ Index: openscap-1.3.5/cpe/openscap-cpe-oval.xml
             <rpminfo_state id="oval:org.open-scap.cpe.opensuse:ste:2" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
                   <name operation="pattern match">^openSUSE-release</name>
             </rpminfo_state>
 -- 
 2.40.0
--- a/0003-Use-openSUSE-SUSE-cpe-links.patch
+++ b/0003-Use-openSUSE-SUSE-cpe-links.patch
@ -1,17 +1,17 @@
-From 9a434c4e613224b25b4dc56e38de32eb4cbdcd0c Mon Sep 17 00:00:00 2001
+From 815356039b16d5abba9cdebc07c23aa967947ef3 Mon Sep 17 00:00:00 2001
-From: Marcus Meissner <meissner@suse.de>
+From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
-Date: Tue, 7 Dec 2021 11:57:21 +0100
+Date: Tue, 28 Mar 2023 12:05:37 +0200
-Subject: [PATCH] added suse support
+Subject: [PATCH 3/5] Use openSUSE/SUSE cpe links
 ---
- utils/oscap_docker_python/get_cve_input.py    | 20 +++++++++----
+ utils/oscap_docker_python/get_cve_input.py    | 21 ++++++++++---
- .../oscap_docker_common.py                    | 30 ++++++++++++++++++-
+ .../oscap_docker_common.py                    | 31 ++++++++++++++++++-
- 2 files changed, 44 insertions(+), 6 deletions(-)
+ 2 files changed, 46 insertions(+), 6 deletions(-)
-Index: openscap-1.3.5/utils/oscap_docker_python/get_cve_input.py
+diff --git a/utils/oscap_docker_python/get_cve_input.py b/utils/oscap_docker_python/get_cve_input.py
-===================================================================
+index 6d77bdb..bb38e77 100644
--- openscap-1.3.5.orig/utils/oscap_docker_python/get_cve_input.py
+--- a/utils/oscap_docker_python/get_cve_input.py
-+++ openscap-1.3.5/utils/oscap_docker_python/get_cve_input.py
+++ b/utils/oscap_docker_python/get_cve_input.py
@@ -31,9 +31,12 @@ class getInputCVE(object):
     hdr = {'User-agent': 'Mozilla/5.0'}
@ -49,11 +49,11 @@ Index: openscap-1.3.5/utils/oscap_docker_python/get_cve_input.py
         if self._is_cache_same(dest_file, dist_url):
             return dest_file
-Index: openscap-1.3.5/utils/oscap_docker_python/oscap_docker_common.py
+diff --git a/utils/oscap_docker_python/oscap_docker_common.py b/utils/oscap_docker_python/oscap_docker_common.py
-===================================================================
+index c9afd6b..30289fd 100644
--- openscap-1.3.5.orig/utils/oscap_docker_python/oscap_docker_common.py
+--- a/utils/oscap_docker_python/oscap_docker_common.py
-+++ openscap-1.3.5/utils/oscap_docker_python/oscap_docker_common.py
+++ b/utils/oscap_docker_python/oscap_docker_common.py
-@@ -55,7 +55,7 @@ def get_dist(mountpoint, oscap_binary, l
+@@ -55,7 +55,7 @@ def get_dist(mountpoint, oscap_binary, local_env):
     '''
     Test the chroot and determine what RHEL dist it is; returns
@ -62,7 +62,7 @@ Index: openscap-1.3.5/utils/oscap_docker_python/oscap_docker_common.py
     '''
     cpe_dict = '/usr/share/openscap/cpe/openscap-cpe-oval.xml'
-@@ -77,3 +77,32 @@ def get_dist(mountpoint, oscap_binary, l
+@@ -77,3 +77,32 @@ def get_dist(mountpoint, oscap_binary, local_env):
         if "{0}{1}: true".format(CPE_RHEL, dist) in result.stdout:
             print("This system seems based on RHEL{0}.".format(dist))
             return dist
@ -95,3 +95,6 @@ Index: openscap-1.3.5/utils/oscap_docker_python/oscap_docker_common.py
 +            print("This system seems based on SLES {0}.".format(dist))
 +            return dist
 +    print("System version not detected.")
 -- 
 2.40.0
--- a/0004-oscap-remediate-is-located-in-bindir.patch
+++ b/0004-oscap-remediate-is-located-in-bindir.patch
@ -0,0 +1,24 @@
 From 290186ec99dedf00477447d53b2c0c01c764eaa5 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
 Date: Tue, 28 Mar 2023 12:06:36 +0200
 Subject: [PATCH 4/5] oscap-remediate is located in bindir
 ---
 oscap-remediate.service.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/oscap-remediate.service.in b/oscap-remediate.service.in
 index 2b48398..b6d07b7 100644
 --- a/oscap-remediate.service.in
 +++ b/oscap-remediate.service.in
@@ -8,6 +8,6 @@ Before=shutdown.target system-update.target
 [Service]
 Type=oneshot
 -ExecStart=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBEXECDIR@/oscap-remediate
 +ExecStart=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_BINDIR@/oscap-remediate
 FailureAction=reboot
 -- 
 2.40.0
--- a/0005-rename-requires-reqs-for-C-20-compatibility.patch
+++ b/0005-rename-requires-reqs-for-C-20-compatibility.patch
@ -0,0 +1,66 @@
 From f276794e7395cf3805e32ab3b86508f933471537 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
 Date: Tue, 28 Mar 2023 13:09:59 +0200
 Subject: [PATCH 5/5] rename requires -> reqs for C++20 compatibility
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Signed-off-by: Klaus Kämpf <kkaempf@suse.de>
 ---
 src/XCCDF/public/xccdf_benchmark.h |  6 +++---
 src/XCCDF/rule.c                   | 10 +++++-----
 2 files changed, 8 insertions(+), 8 deletions(-)
 diff --git a/src/XCCDF/public/xccdf_benchmark.h b/src/XCCDF/public/xccdf_benchmark.h
 index db65873..74e3920 100644
 --- a/src/XCCDF/public/xccdf_benchmark.h
 +++ b/src/XCCDF/public/xccdf_benchmark.h
@@ -3343,11 +3343,11 @@ OSCAP_API bool xccdf_item_add_warning(struct xccdf_item *item, struct xccdf_warn
 OSCAP_API bool xccdf_refine_rule_add_remark(struct xccdf_refine_rule *obj, struct oscap_text *item);
 /// @memberof xccdf_rule
 -OSCAP_API bool xccdf_rule_add_requires(struct xccdf_rule *rule, struct oscap_stringlist *requires);
 +OSCAP_API bool xccdf_rule_add_requires(struct xccdf_rule *rule, struct oscap_stringlist *reqs);
 /// @memberof xccdf_group
 -OSCAP_API bool xccdf_group_add_requires(struct xccdf_group *group, struct oscap_stringlist *requires);
 +OSCAP_API bool xccdf_group_add_requires(struct xccdf_group *group, struct oscap_stringlist *reqs);
 /// @memberof xccdf_item
 -OSCAP_API bool xccdf_item_add_requires(struct xccdf_item *item, struct oscap_stringlist *requires);
 +OSCAP_API bool xccdf_item_add_requires(struct xccdf_item *item, struct oscap_stringlist *reqs);
 /// @memberof xccdf_rule
 OSCAP_API bool xccdf_rule_add_conflicts(struct xccdf_rule *rule, const char *conflicts);
 /// @memberof xccdf_group
 diff --git a/src/XCCDF/rule.c b/src/XCCDF/rule.c
 index b16b69e..0ec1643 100644
 --- a/src/XCCDF/rule.c
 +++ b/src/XCCDF/rule.c
@@ -76,20 +76,20 @@ bool xccdf_content_parse(xmlTextReaderPtr reader, struct xccdf_item *parent)
 	return false;
 }
 -static void xccdf_deps_get(struct xccdf_item *item, struct oscap_list **conflicts, struct oscap_list **requires)
 +static void xccdf_deps_get(struct xccdf_item *item, struct oscap_list **conflicts, struct oscap_list **reqs)
 {
 	switch (item->type) {
 	case XCCDF_RULE:
 		if (conflicts)
 			*conflicts = item->sub.rule.conflicts;
 -		if (requires)
 -			*requires = item->sub.rule.requires;
 +		if (reqs)
 +			*reqs = item->sub.rule.requires;
 		break;
 	case XCCDF_GROUP:
 		if (conflicts)
 			*conflicts = item->sub.group.conflicts;
 -		if (requires)
 -			*requires = item->sub.group.requires;
 +		if (reqs)
 +			*reqs = item->sub.group.requires;
 		break;
 	default:
 		assert(false);
 -- 
 2.40.0
--- a/1.3.6.tar.gz
+++ b/1.3.6.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:438621bf95a832be44ce799baec580cb0fdc92db7137721873e79ee4cbb1630b
 size 14020002
--- a/5
+++ b/5
@ -2,8 +2,9 @@
  <service name="tar_scm" mode="disabled">
    <param name="url">https://github.com/openscap/openscap.git</param>
    <param name="scm">git</param>
-    <param name="revision">maint-1.3</param>
+    <param name="revision">1.3.7</param>
-    <param name="versionformat">@PARENT_TAG@+git.%cd</param>
+    <param name="versionformat">@PARENT_TAG@</param>
    <param name="changesgenerate">enable</param>
  </service>
  <service name="recompress" mode="disabled">
    <param name="file">*.tar</param>
--- a/4
+++ b/4
@ -0,0 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                <param name="url">https://github.com/openscap/openscap.git</param>
              <param name="changesrevision">55efbfda0f617e05862ab6ed4862e10dbee52b03</param></service></servicedata>
--- a/openscap-1.3.7.tar.gz
+++ b/openscap-1.3.7.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:d31527afa2a315ceba02e2ca7e2d5dbd07c4113febaed60752affef4c79f7233
 size 14023080
--- a/openscap.changes
+++ b/openscap.changes
@ -1,3 +1,27 @@
 -------------------------------------------------------------------
 Tue Mar 28 09:59:10 UTC 2023 - kkaempf@suse.com
 - Update to version 1.3.7:
  * openscap-1.3.7
  * Bump soname from 25.5.0 to 25.5.1
  * Bump version to openscap-1.3.7
  * Fix typos in docs
  * Remove a check for suspicious files
  * Add debian_evr_string tests to CMakeLists
  * Add a few unittests for debian_evr_string
  * Remove To be done
  * Move release guide to upstream
 - add 0005-rename-requires-reqs-for-C-20-compatibility.patch
 - rename patches
  openscap-opensuse-cpe.patch to 0001-Add-openSUSE-cpe-links.patch
  openscap-suse-cpe.patch to 0002-Add-SUSE-cpe-links.patch
  openscap-docker-add-suse.patch to 0003-Use-openSUSE-SUSE-cpe-links.patch
  oscap-remediate.service.in.patch to 0004-oscap-remediate-is-located-in-bindir.patch
 - drop 0001-Use-correct-includes.patch (upstream)
 -------------------------------------------------------------------
 Mon Jan 23 08:13:19 UTC 2023 - Thorsten Kukuk <kukuk@suse.com>
--- a/openscap.spec
+++ b/openscap.spec
@ -23,13 +23,13 @@
  %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           openscap
-Version:        1.3.6
+Version:        1.3.7
 Release:        0
 Summary:        A Set of Libraries for Integration with SCAP
 License:        LGPL-2.1-or-later
 Group:          Development/Tools/Other
 URL:            https://www.open-scap.org/
-Source:         https://github.com/OpenSCAP/openscap/archive/%{version}.tar.gz
+Source:         https://github.com/OpenSCAP/openscap/archive/%{name}-%{version}.tar.gz
 Source1:        openscap-rpmlintrc
 Source2:        sysconfig.oscap-scan
 # SUSE specific profile, based on yast2-security checks.
@ -38,13 +38,14 @@ Source3:        scap-yast2sec-xccdf.xml
 Source4:        scap-yast2sec-oval.xml
 Source5:        oscap-scan.service
 Source6:        oscap-scan.sh
-Patch1:         openscap-opensuse-cpe.patch
+Patch1:         0001-Add-openSUSE-cpe-links.patch
-Patch2:         openscap-suse-cpe.patch
+Patch2:         0002-Add-SUSE-cpe-links.patch
-Patch3:         openscap-docker-add-suse.patch
+Patch3:         0003-Use-openSUSE-SUSE-cpe-links.patch
 %if 0%{?suse_version} != 1599
-Patch4:         oscap-remediate.service.in.patch
+Patch4:         0004-oscap-remediate-is-located-in-bindir.patch
 %endif
-Patch5:         0001-Use-correct-includes.patch
+Patch5:         0005-rename-requires-reqs-for-C-20-compatibility.patch
 BuildRequires:  asciidoc
 # Use package name cause of "have choice for perl(XML::Parser): brp-check-suse perl-XML-Parser"
 BuildRequires:  cmake
--- a/oscap-remediate.service.in.patch
+++ b/oscap-remediate.service.in.patch
@ -1,12 +0,0 @@
 Index: openscap-1.3.6/oscap-remediate.service.in
 ===================================================================
 --- openscap-1.3.6.orig/oscap-remediate.service.in
 +++ openscap-1.3.6/oscap-remediate.service.in
@@ -8,6 +8,6 @@ Before=shutdown.target system-update.tar
 [Service]
 Type=oneshot
 -ExecStart=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBEXECDIR@/oscap-remediate
 +ExecStart=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_BINDIR@/oscap-remediate
 FailureAction=reboot