forked from pool/openscap
Accepting request 799976 from home:msmeissn:branches:security
- openscap 1.3.3. Notable improvements in this release:
- a Python script that can be used for CLI tailoring (autotailor) (thank you, Matěj Týč);
- timezone for XCCDF TestResult start and end time (thank you, Jan Černý);
- new yamlfilecontent independent probe (draft implementation),
see the proposal https://github.com/OVAL-Community/OVAL/issues/91
for additional information.
There are other changes as well, here is the list:
- Introduced `urn:xccdf:fix:script:kubernetes` fix type in XCCDF;
- Added ability to generate `machineconfig` fix;
- Detect ambiguous scan target (utils/oscap-podman);
- Fixed #170: The rpmverifyfile probe can't verify files from '/bin' directory;
- The data system_info probe return for offline and online modes is consistent and actual;
- Prevent crashes when complicated regexes are executed in textfilecontent58 probe;
- Fixed #1512: Severity refinement lost in generated guide;
- Fixed #1453: Pointer lost in Swig API;
- Evaluation Characteristics of the XCCDF report are now consistent with OVAL entities;
from system_info probe;
- Fixed filepath pattern matching in offline mode in textfilecontent58 probe;
- Fixed infinite recursion in systemdunitdependency probe;
- Fixed the case when CMake couldn't find libacl or xattr.h.
- dropped 0001-Do-not-use-C-keyword-operator-as-a-function-paramete.patch: upstream
OBS-URL: https://build.opensuse.org/request/show/799976
OBS-URL: https://build.opensuse.org/package/show/security/openscap?expand=0&rev=248
This commit is contained in:
Git OBS Bridge
parent
d3967e180d
commit
0cb0407eba
@ -1,41 +0,0 @@
|
||||
From 0ba7c9423f64a88ceef50318f1a382059484f737 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
|
||||
Date: Wed, 15 Jan 2020 13:54:45 +0100
|
||||
Subject: [PATCH] Do not use C++ keyword operator as a function parameter name
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
This fixes SCAP Workbench build.
|
||||
|
||||
Addressing:
|
||||
[ 37%] Building CXX object CMakeFiles/scap-workbench.dir/scap-workbench_autogen/mocs_compilation.cpp.o
|
||||
In file included from /usr/local/include/openscap/xccdf_policy.h:39,
|
||||
from /home/jcerny/work/git/scap-workbench/include/TailoringDockWidgets.h:31,
|
||||
from /home/jcerny/work/git/scap-workbench/build/scap-workbench_autogen/6YEA5652QU/moc_TailoringDockWidgets.cpp:10,
|
||||
from /home/jcerny/work/git/scap-workbench/build/scap-workbench_autogen/mocs_compilation.cpp:18:
|
||||
/usr/local/include/openscap/oval_definitions.h:1676:117: error: declaration of ‘operator,’ as parameter
|
||||
1676 | restriction *oval_variable_possible_restriction_new(oval_operator_t operator, const char *hint);
|
||||
| ^
|
||||
|
||||
Fixes: #1462
|
||||
---
|
||||
src/OVAL/public/oval_definitions.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/OVAL/public/oval_definitions.h b/src/OVAL/public/oval_definitions.h
|
||||
index ea9d3aaf8..b5fe77154 100644
|
||||
--- a/src/OVAL/public/oval_definitions.h
|
||||
+++ b/src/OVAL/public/oval_definitions.h
|
||||
@@ -1669,7 +1669,7 @@ OSCAP_API void oval_variable_possible_value_iterator_free(struct oval_variable_p
|
||||
* @param hint A short description of what the value means or represents.
|
||||
* @memberof oval_variable_possible_restriction
|
||||
*/
|
||||
-OSCAP_API struct oval_variable_possible_restriction *oval_variable_possible_restriction_new(oval_operator_t operator, const char *hint);
|
||||
+OSCAP_API struct oval_variable_possible_restriction *oval_variable_possible_restriction_new(oval_operator_t, const char *);
|
||||
|
||||
|
||||
/**
|
||||
--
|
||||
2.25.1
|
||||
|
||||
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:3ab3a8e9b4f1ec727fafe5d7325b34c6bc4b0ce87ac5ca42f5c965b6ee6c94bd
|
||||
size 12360113
|
||||
3
1.3.3.tar.gz
Normal file
3
1.3.3.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:b867cc6813a567b23083ea2041fd31985063111d1eae9b650cde88cd50031958
|
||||
size 13000059
|
||||
26
openscap-operator-c++.patch
Normal file
26
openscap-operator-c++.patch
Normal file
@ -0,0 +1,26 @@
|
||||
Index: openscap-1.3.2/src/OVAL/probes/probe/entcmp.h
|
||||
===================================================================
|
||||
--- openscap-1.3.2.orig/src/OVAL/probes/probe/entcmp.h
|
||||
+++ openscap-1.3.2/src/OVAL/probes/probe/entcmp.h
|
||||
@@ -49,7 +49,7 @@ oval_result_t probe_ent_result_bychk(SEX
|
||||
* @param res_lst the results vector
|
||||
* @param check the operator enumeration value
|
||||
*/
|
||||
-oval_result_t probe_ent_result_byopr(SEXP_t * res_lst, oval_operator_t operator);
|
||||
+oval_result_t probe_ent_result_byopr(SEXP_t * res_lst, oval_operator_t xop);
|
||||
|
||||
/**
|
||||
* Compare object entity's content with a value.
|
||||
Index: openscap-1.3.2/src/OVAL/public/oval_definitions.h
|
||||
===================================================================
|
||||
--- openscap-1.3.2.orig/src/OVAL/public/oval_definitions.h
|
||||
+++ openscap-1.3.2/src/OVAL/public/oval_definitions.h
|
||||
@@ -1669,7 +1669,7 @@ OSCAP_API void oval_variable_possible_va
|
||||
* @param hint A short description of what the value means or represents.
|
||||
* @memberof oval_variable_possible_restriction
|
||||
*/
|
||||
-OSCAP_API struct oval_variable_possible_restriction *oval_variable_possible_restriction_new(oval_operator_t operator, const char *hint);
|
||||
+OSCAP_API struct oval_variable_possible_restriction *oval_variable_possible_restriction_new(oval_operator_t xop, const char *hint);
|
||||
|
||||
|
||||
/**
|
||||
@ -1,3 +1,29 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon May 4 05:35:18 UTC 2020 - Marcus Meissner <meissner@suse.com>
|
||||
|
||||
- openscap 1.3.3. Notable improvements in this release:
|
||||
- a Python script that can be used for CLI tailoring (autotailor) (thank you, Matěj Týč);
|
||||
- timezone for XCCDF TestResult start and end time (thank you, Jan Černý);
|
||||
- new yamlfilecontent independent probe (draft implementation),
|
||||
see the proposal https://github.com/OVAL-Community/OVAL/issues/91
|
||||
for additional information.
|
||||
|
||||
There are other changes as well, here is the list:
|
||||
- Introduced `urn:xccdf:fix:script:kubernetes` fix type in XCCDF;
|
||||
- Added ability to generate `machineconfig` fix;
|
||||
- Detect ambiguous scan target (utils/oscap-podman);
|
||||
- Fixed #170: The rpmverifyfile probe can't verify files from '/bin' directory;
|
||||
- The data system_info probe return for offline and online modes is consistent and actual;
|
||||
- Prevent crashes when complicated regexes are executed in textfilecontent58 probe;
|
||||
- Fixed #1512: Severity refinement lost in generated guide;
|
||||
- Fixed #1453: Pointer lost in Swig API;
|
||||
- Evaluation Characteristics of the XCCDF report are now consistent with OVAL entities;
|
||||
from system_info probe;
|
||||
- Fixed filepath pattern matching in offline mode in textfilecontent58 probe;
|
||||
- Fixed infinite recursion in systemdunitdependency probe;
|
||||
- Fixed the case when CMake couldn't find libacl or xattr.h.
|
||||
- dropped 0001-Do-not-use-C-keyword-operator-as-a-function-paramete.patch: upstream
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 25 13:53:51 UTC 2020 - Christophe Giboudeaux <christophe@krop.fr>
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package openscap
|
||||
#
|
||||
# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2020 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -25,7 +25,7 @@
|
||||
%define with_bindings 0
|
||||
|
||||
Name: openscap
|
||||
Version: 1.3.2
|
||||
Version: 1.3.3
|
||||
Release: 0
|
||||
Source: https://github.com/OpenSCAP/openscap/archive/%{version}.tar.gz
|
||||
# temp snapshot to make it build with new RPM before 1.3.2
|
||||
@ -39,9 +39,7 @@ Source4: scap-yast2sec-oval.xml
|
||||
Source5: oscap-scan.service
|
||||
Source6: oscap-scan.sh
|
||||
Patch0: openscap-new-suse.patch
|
||||
# PATCH-FIX-UPSTREAM
|
||||
Patch1: 0001-Do-not-use-C-keyword-operator-as-a-function-paramete.patch
|
||||
Url: https://www.open-scap.org/
|
||||
URL: https://www.open-scap.org/
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
BuildRequires: asciidoc
|
||||
BuildRequires: doxygen
|
||||
@ -174,7 +172,6 @@ This package contains the Script Checking Engine Library (SCE) for OpenSCAP.
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
|
||||
%build
|
||||
%if 0%{?with_bindings}
|
||||
@ -288,6 +285,7 @@ ln -s %{_datadir}/openscap/scap-yast2sec-xccdf.xml %{buildroot}/%{_datadir}/ope
|
||||
%doc docs/oscap-scan.cron
|
||||
%{_mandir}/man8/*
|
||||
%{_unitdir}/oscap-scan.service
|
||||
%{_bindir}/autotailor
|
||||
%{_bindir}/oscap
|
||||
%{_bindir}/oscap-vm
|
||||
%{_bindir}/oscap-scan
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user