Accepting request 213430 from security

- openscap-1.0.2 update:
  - XCCDF generate fix now supports tailoring file
  - XCCDF bug fixes
    - Generate guide points to RHSA pages (rhbz#1018291)
    - Generate report ommits remediation when assesment passed
      (rhbz#1029879)
    - $PATH variable is available for SCE checks (rhbz#1026833)
    - Tailoring of top-level Group elements via API fixed
    - Fix-filtering should not drop fixes (affected SSG)
    - Generated fix file is created with sane permissions (trac#362)
    - Inherit parent's namespace when exporting oscap_text with HTML
      trait
  - OVAL bug fixes:
    - Handful of xinetd probe fixes
    - Handful of process and process58 fixes
    - Obsoleted textfilecontent now supports text ent comparisons
    - rpm*_item/epoch is reported as '(none)' when needed
    - Fixed dozen of flaws in ipv4 and ipv6_address comparison
      (CIDR handling)
    - Made integer and floating type number parsing much stricter
    - Fixed floating point numbers comparisons (trac#366)
    - Fixed case-insensitive comparisons
    - Item filtering fixes in probes
    - Consolidated some of comparisons in results model and probes
     (trac#367)
  - Other bug fixes:
    - Workaround libxml2 bug handling x509 xmldsig (gnomebz#350248)
    - Fixed static build (--disable-shared)
    - Format assertions (-Werror=format-security) turned on by default
    - SCE scripts are notified when parent (oscap) is killed

OBS-URL: https://build.opensuse.org/request/show/213430
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openscap?expand=0&rev=24

fix-return.patch

@@ -0,0 +1,12 @@
+Index: openscap-1.0.2/src/OVAL/results/oval_cmp_ip_address.c
+===================================================================
+--- openscap-1.0.2.orig/src/OVAL/results/oval_cmp_ip_address.c
++++ openscap-1.0.2/src/OVAL/results/oval_cmp_ip_address.c
+@@ -58,6 +58,7 @@ static inline int ipaddr_cmp(int af, con
+ 		return memcmp(addr1, addr2, sizeof(struct in6_addr));
+ 
+ 	assert(false);
++	return 42;
+ }
+ 
+ static inline void ipaddr_mask(int af, const void *ip_addr, uint32_t mask)

openscap-1.0.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:17fe190e35c68aaaaf0890daaed07ab65521c6879217ae30cfc68a66b743f0bb
-size 13166679

openscap-1.0.1.tar.gz.sha1sum

@@ -1 +0,0 @@
-bde225c8dec2e8e15c109405d041abebd02a11ac  openscap-1.0.1.tar.gz

openscap-1.0.2.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b002a91a3308c24d530b342d57c77d77fc80f41315d8b6cab52af017bf12ca05
+size 13449503

openscap-1.0.2.tar.gz.sha1sum

@@ -0,0 +1 @@
+c9703dc70e2361646c10752ad23edc1a83e72e3d  openscap-1.0.2.tar.gz

openscap.changes

@@ -1,3 +1,42 @@
+-------------------------------------------------------------------
+Fri Jan 10 10:25:19 UTC 2014 - meissner@suse.com
+
+- openscap-1.0.2 update:
+  - XCCDF generate fix now supports tailoring file
+  - XCCDF bug fixes
+    - Generate guide points to RHSA pages (rhbz#1018291)
+    - Generate report ommits remediation when assesment passed
+      (rhbz#1029879)
+    - $PATH variable is available for SCE checks (rhbz#1026833)
+    - Tailoring of top-level Group elements via API fixed
+    - Fix-filtering should not drop fixes (affected SSG)
+    - Generated fix file is created with sane permissions (trac#362)
+    - Inherit parent's namespace when exporting oscap_text with HTML
+      trait
+  - OVAL bug fixes:
+    - Handful of xinetd probe fixes
+    - Handful of process and process58 fixes
+    - Obsoleted textfilecontent now supports text ent comparisons
+    - rpm*_item/epoch is reported as '(none)' when needed
+    - Fixed dozen of flaws in ipv4 and ipv6_address comparison
+      (CIDR handling)
+    - Made integer and floating type number parsing much stricter
+    - Fixed floating point numbers comparisons (trac#366)
+    - Fixed case-insensitive comparisons
+    - Item filtering fixes in probes
+    - Consolidated some of comparisons in results model and probes
+     (trac#367)
+  - Other bug fixes:
+    - Workaround libxml2 bug handling x509 xmldsig (gnomebz#350248)
+    - Fixed static build (--disable-shared)
+    - Format assertions (-Werror=format-security) turned on by default
+    - SCE scripts are notified when parent (oscap) is killed
+    - oscap info now recognizes all the document types
+      (adeded: tailoring & CVE)
+    - Documentation improvements
+    - Handful of other minor fixes
+- fix-return.patch: Fixed a void return
+
 -------------------------------------------------------------------
 Mon Dec  2 16:53:56 UTC 2013 - meissner@suse.com
 

openscap.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package openscap
 #
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
 %define with_bindings 0
 
 Name:           openscap
-Version:        1.0.1
+Version:        1.0.2
 Release:        1.0
 Source:         https://fedorahosted.org/releases/o/p/openscap/%name-%version.tar.gz
 Source5:        https://fedorahosted.org/releases/o/p/openscap/%name-%version.tar.gz.sha1sum
@@ -31,9 +31,8 @@ Source2:        sysconfig.oscap-scan
 # Generated from http://gitorious.org/test-suite/scap
 Source3:        scap-yast2sec-xccdf.xml
 Source4:        scap-yast2sec-oval.xml
-#
-#
 Patch0:         fix-missing-include.dif
+Patch1:         fix-return.patch
 Url:            http://www.open-scap.org/
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  libacl-devel
@@ -149,6 +148,7 @@ commonly used and require additional dependencies.
 %prep
 %setup -q
 %patch0 -p1 
+%patch1 -p1 
 
 %build