SHA256
1
0
forked from pool/openscap

Accepting request 601560 from home:msmeissn:branches:security

- openscap-new-suse.patch: handle SLE15 and openSUSE Leap 42.3 and 15.0
  (bsc#1091040)

OBS-URL: https://build.opensuse.org/request/show/601560
OBS-URL: https://build.opensuse.org/package/show/security/openscap?expand=0&rev=210
This commit is contained in:
Marcus Meissner 2018-04-26 13:26:15 +00:00 committed by Git OBS Bridge
parent da4441b12a
commit 27ae7c8e8c
3 changed files with 212 additions and 0 deletions

204
openscap-new-suse.patch Normal file
View File

@ -0,0 +1,204 @@
Index: openscap-1.2.16/cpe/openscap-cpe-dict.xml
===================================================================
--- openscap-1.2.16.orig/cpe/openscap-cpe-dict.xml
+++ openscap-1.2.16/cpe/openscap-cpe-dict.xml
@@ -133,6 +133,14 @@
<title xml:lang="en-us">SUSE Linux Enterprise Desktop 12</title>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.sled:def:12</check>
</cpe-item>
+ <cpe-item name="cpe:/o:suse:sles:15">
+ <title xml:lang="en-us">SUSE Linux Enterprise Server 15</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.sles:def:15</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:suse:sled:15">
+ <title xml:lang="en-us">SUSE Linux Enterprise Desktop 15</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.sled:def:15</check>
+ </cpe-item>
<cpe-item name="cpe:/o:opensuse:opensuse:11.4">
<title xml:lang="en-us">openSUSE 11.4</title>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:114</check>
@@ -145,14 +153,22 @@
<title xml:lang="en-us">openSUSE 13.2</title>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:132</check>
</cpe-item>
- <cpe-item name="cpe:/o:novell:leap:42.1">
+ <cpe-item name="cpe:/o:opensuse:leap:42.1">
<title xml:lang="en-us">openSUSE 42.1</title>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:421</check>
</cpe-item>
- <cpe-item name="cpe:/o:novell:leap:42.2">
+ <cpe-item name="cpe:/o:opensuse:leap:42.2">
<title xml:lang="en-us">openSUSE 42.2</title>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:422</check>
</cpe-item>
+ <cpe-item name="cpe:/o:opensuse:leap:42.3">
+ <title xml:lang="en-us">openSUSE Leap 42.3</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:423</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:opensuse:leap:15.0">
+ <title xml:lang="en-us">openSUSE Leap 15.0</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:150</check>
+ </cpe-item>
<cpe-item name="cpe:/o:opensuse:opensuse">
<title xml:lang="en-us">openSUSE All Versions</title>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:1</check>
Index: openscap-1.2.16/cpe/openscap-cpe-oval.xml
===================================================================
--- openscap-1.2.16.orig/cpe/openscap-cpe-oval.xml
+++ openscap-1.2.16/cpe/openscap-cpe-oval.xml
@@ -449,6 +449,34 @@
</criteria>
</definition>
+ <definition class="inventory" id="oval:org.open-scap.cpe.sles:def:15" version="1">
+ <metadata>
+ <title>SUSE Linux Enterprise Server 15</title>
+ <affected family="unix">
+ <platform>SUSE Linux Enterprise Server 15</platform>
+ </affected>
+ <reference ref_id="cpe:/o:suse:sles:15" source="CPE"/>
+ <description>The operating system installed on the system is SUSE Linux Enterprise Server 15</description>
+ </metadata>
+ <criteria>
+ <criterion comment="SLES 15 is installed" test_ref="oval:org.open-scap.cpe.sles:tst:15"/>
+ </criteria>
+ </definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.sled:def:15" version="1">
+ <metadata>
+ <title>SUSE Linux Enterprise Desktop 15</title>
+ <affected family="unix">
+ <platform>SUSE Linux Enterprise Desktop 15</platform>
+ </affected>
+ <reference ref_id="cpe:/o:suse:sled:15" source="CPE"/>
+ <description>The operating system installed on the system is SUSE Linux Enterprise Desktop 15</description>
+ </metadata>
+ <criteria>
+ <criterion comment="SLED 15 is installed" test_ref="oval:org.open-scap.cpe.sled:tst:15"/>
+ </criteria>
+ </definition>
+
<definition class="inventory" id="oval:org.open-scap.cpe.opensuse:def:1" version="1">
<metadata>
<title>openSUSE All Versions</title>
@@ -519,17 +547,43 @@
</definition>
<definition class="inventory" id="oval:org.open-scap.cpe.opensuse:def:422" version="1">
<metadata>
- <title>openSUSE 42.2</title>
+ <title>openSUSE Leap 42.2</title>
<affected family="unix">
- <platform>openSUSE 42.2</platform>
+ <platform>openSUSE Leap 42.2</platform>
</affected>
<reference ref_id="cpe:/o:novell:leap:42.2" source="CPE"/>
- <description>The operating system installed on the system is openSUSE 42.2</description>
+ <description>The operating system installed on the system is openSUSE Leap 42.2</description>
</metadata>
<criteria>
<criterion comment="openSUSE 42.2 is installed" test_ref="oval:org.open-scap.cpe.opensuse:tst:422"/>
</criteria>
</definition>
+ <definition class="inventory" id="oval:org.open-scap.cpe.opensuse:def:423" version="1">
+ <metadata>
+ <title>openSUSE Leap 42.3</title>
+ <affected family="unix">
+ <platform>openSUSE Leap 42.3</platform>
+ </affected>
+ <reference ref_id="cpe:/o:novell:leap:42.3" source="CPE"/>
+ <description>The operating system installed on the system is openSUSE Leap 42.3</description>
+ </metadata>
+ <criteria>
+ <criterion comment="openSUSE 42.3 is installed" test_ref="oval:org.open-scap.cpe.opensuse:tst:423"/>
+ </criteria>
+ </definition>
+ <definition class="inventory" id="oval:org.open-scap.cpe.opensuse:def:150" version="1">
+ <metadata>
+ <title>openSUSE Leap 15.0</title>
+ <affected family="unix">
+ <platform>openSUSE Leap 15.0</platform>
+ </affected>
+ <reference ref_id="cpe:/o:novell:leap:15.0" source="CPE"/>
+ <description>The operating system installed on the system is openSUSE Leap 15.0</description>
+ </metadata>
+ <criteria>
+ <criterion comment="openSUSE 42.3 is installed" test_ref="oval:org.open-scap.cpe.opensuse:tst:423"/>
+ </criteria>
+ </definition>
<definition class="inventory" id="oval:org.open-scap.cpe.wrlinux:def:1" version="1" >
<metadata>
<title>Wind River Linux</title>
@@ -715,6 +769,11 @@
<object object_ref="oval:org.open-scap.cpe.sles-release:obj:1"/>
<state state_ref="oval:org.open-scap.cpe.sles:ste:12"/>
</rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sles:tst:15" version="1" check="at least one" comment="sles-release is version 15"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sles-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.sles:ste:15"/>
+ </rpminfo_test>
<rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sled:tst:10" version="1" check="at least one" comment="sled-release is version 10"
xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:org.open-scap.cpe.sled-release:obj:1"/>
@@ -730,6 +789,11 @@
<object object_ref="oval:org.open-scap.cpe.sled-release:obj:1"/>
<state state_ref="oval:org.open-scap.cpe.sled:ste:12"/>
</rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sled:tst:15" version="1" check="at least one" comment="sled-release is version 15"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sled-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.sled:ste:15"/>
+ </rpminfo_test>
<rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.opensuse:tst:1" version="1" check="at least one" comment="openSUSE-release is version 11.4"
xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:org.open-scap.cpe.openSUSE-release:obj:1"/>
@@ -760,6 +824,16 @@
<object object_ref="oval:org.open-scap.cpe.openSUSE-release:obj:1"/>
<state state_ref="oval:org.open-scap.cpe.opensuse:ste:422"/>
</rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.opensuse:tst:423" version="2" check="at least one" comment="openSUSE-release is version 42.2"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.openSUSE-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.opensuse:ste:423"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.opensuse:tst:150" version="2" check="at least one" comment="openSUSE-release is version 42.2"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.openSUSE-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.opensuse:ste:150"/>
+ </rpminfo_test>
<family_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.wrlinux:tst:1" version="1" check="only one"
comment="Installed operating system is part of the Unix family."
xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
@@ -955,6 +1029,9 @@
<rpminfo_state id="oval:org.open-scap.cpe.sles:ste:12" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<version operation="pattern match">^12($|[^\d])</version>
</rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.sles:ste:15" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^15($|[^\d])</version>
+ </rpminfo_state>
<rpminfo_state id="oval:org.open-scap.cpe.sled:ste:10" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<version operation="pattern match">^10($|[^\d])</version>
</rpminfo_state>
@@ -964,6 +1041,9 @@
<rpminfo_state id="oval:org.open-scap.cpe.sled:ste:12" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<version operation="pattern match">^12($|[^\d])</version>
</rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.sled:ste:15" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^15($|[^\d])</version>
+ </rpminfo_state>
<rpminfo_state id="oval:org.open-scap.cpe.opensuse:ste:2" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<name operation="pattern match">^openSUSE-release</name>
</rpminfo_state>
@@ -982,6 +1062,12 @@
<rpminfo_state id="oval:org.open-scap.cpe.opensuse:ste:422" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<version operation="pattern match">^42.2$</version>
</rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.opensuse:ste:423" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^42.3$</version>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.opensuse:ste:150" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^15.0$</version>
+ </rpminfo_state>
<textfilecontent54_state
id="oval:org.open-scap.cpe.wrlinux-release:ste:8"
comment="Check the /etc/wrlinux-release file for VERSION 8 specification."

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Apr 26 12:56:42 UTC 2018 - meissner@suse.com
- openscap-new-suse.patch: handle SLE15 and openSUSE Leap 42.3 and 15.0
(bsc#1091040)
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Mar 5 15:11:19 UTC 2018 - jengelh@inai.de Mon Mar 5 15:11:19 UTC 2018 - jengelh@inai.de

View File

@ -36,6 +36,7 @@ Source3: scap-yast2sec-xccdf.xml
Source4: scap-yast2sec-oval.xml Source4: scap-yast2sec-oval.xml
Source5: oscap-scan.service Source5: oscap-scan.service
Source6: oscap-scan.sh Source6: oscap-scan.sh
Patch0: openscap-new-suse.patch
Url: http://www.open-scap.org/ Url: http://www.open-scap.org/
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: doxygen BuildRequires: doxygen
@ -174,6 +175,7 @@ commonly used and require additional dependencies.
%prep %prep
%setup -q %setup -q
%patch0 -p1
%build %build