rpm/openscap
SHA256
1
0
Fork 0
forked from pool/openscap
Code Pull Requests Activity

Accepting request 348807 from security

Browse Source 
- openscap 1.2.7 release
  - New features                                                                                                                                                                             
    - OVAL 5.11.1 fully supported                                                                                                                                                            
    - oscap-vm - tool for offline scanning of virtual machines                                                                                                                               
    - verbose mode                                                                                                                                                                           
    - added SLED, SLES and OpenSUSE CPE names                                                                                                                                                
    - show profile description in HTML report and guide                                                                                                                                      
    - group rules by PCI DSS identifier in HTML report                                                                                                                                       
    - preliminary support for Ansible Playbooks within xccdf:fix                                                                                                                             
    - added "How to contribute" and "Versioning" documents                                                                                                                                   
  - Maintenance                                                                                                                                                                              
    - using bziped RHSA documents in oscap-docker                                                                                                                                            
    - fixed errors of sysctl probe                                                                                                                                                           
    - fixed skip-valid option (issue #203)                                                                                                                                                   
    - fixed segmentation faults in SCE content reporting (issue #231)                                                                                                                        
    - fixed tracebacks of scap-as-rpm                                                                                                                                                        
    - fixed invalid memory reads in rpmverifyfile probe (issue #212)                                                                                                                         
    - updated README and user manual                                                                                                                                                         
    - many small bugfixes and new tests                                                                                                                                                      
- openscap-new-inventory.patch: upstreamed
- fix-missing-include.dif: refreshed, 1 hunk upstream

OBS-URL: https://build.opensuse.org/request/show/348807
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openscap?expand=0&rev=42
This commit is contained in:
Dominique Leuenberger 2015-12-16 16:43:00 +00:00 committed by Git OBS Bridge
commit 94085afd87
8 changed files with 35 additions and 394 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
fix-missing-include.dif
View File

@ -1,7 +1,7 @@
Index: openscap-1.2.6/src/OVAL/probes/unix/linux/rpminfo.c Index: openscap-1.2.7/src/OVAL/probes/unix/linux/rpminfo.c
=================================================================== ===================================================================
--- openscap-1.2.6.orig/src/OVAL/probes/unix/linux/rpminfo.c --- openscap-1.2.7.orig/src/OVAL/probes/unix/linux/rpminfo.c
+++ openscap-1.2.6/src/OVAL/probes/unix/linux/rpminfo.c +++ openscap-1.2.7/src/OVAL/probes/unix/linux/rpminfo.c
@@ -66,6 +66,7 @@ @@ -66,6 +66,7 @@
#include <rpm/rpmmacro.h> #include <rpm/rpmmacro.h>
#include <rpm/rpmlog.h> #include <rpm/rpmlog.h>
@ -10,15 +10,3 @@ Index: openscap-1.2.6/src/OVAL/probes/unix/linux/rpminfo.c
#ifndef HAVE_HEADERFORMAT #ifndef HAVE_HEADERFORMAT
# define HAVE_LIBRPM44 1 /* hack */ # define HAVE_LIBRPM44 1 /* hack */
Index: openscap-1.2.6/src/common/oscap_acquire.c
===================================================================
--- openscap-1.2.6.orig/src/common/oscap_acquire.c
+++ openscap-1.2.6/src/common/oscap_acquire.c
@@ -36,6 +36,7 @@
#include <ftw.h>
#include "oscap_acquire.h"
+#include "oscap_buffer.h"
#include "common/_error.h"
#include "oscap_string.h"

3
openscap-1.2.6.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:95f2345e041e9ba838ad8065b68ce0ec4b0971d7afc72d601489236bbfc0c652
size 15601491

1
openscap-1.2.6.tar.gz.sha1sum
View File

@ -1 +0,0 @@
1a2582cb9a75309316fa2e86169529a2b9eaa060 openscap-1.2.6.tar.gz

3
openscap-1.2.7.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:41c266f4316546b227c5da447568ee64d856cb85a9104893038e66bc9b956d58
size 15685221

1
openscap-1.2.7.tar.gz.sha1sum Normal file
View File

@ -0,0 +1 @@
88be9e23c5fb34d7a4e2252c959af87dc986fa89 openscap-1.2.7.tar.gz

372
openscap-new-inventory.patch
View File

@ -1,372 +0,0 @@
Index: openscap-1.2.6/cpe/openscap-cpe-dict.xml
===================================================================
--- openscap-1.2.6.orig/cpe/openscap-cpe-dict.xml
+++ openscap-1.2.6/cpe/openscap-cpe-dict.xml
@@ -77,7 +77,50 @@
<title xml:lang="en-us">Fedora 24</title>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.fedora:def:24</check>
</cpe-item>
-
+ <cpe-item name="cpe:/o:suse:sle">
+ <title xml:lang="en-us">SUSE Linux Enterprise all versions</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.sle:def:1</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:suse:sles:10">
+ <title xml:lang="en-us">SUSE Linux Enterprise Server 10</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.sles:def:10</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:suse:sled:10">
+ <title xml:lang="en-us">SUSE Linux Enterprise Desktop 10</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.sled:def:10</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:suse:sles:11">
+ <title xml:lang="en-us">SUSE Linux Enterprise Server 11</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.sles:def:11</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:suse:sled:11">
+ <title xml:lang="en-us">SUSE Linux Enterprise Desktop 11</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.sled:def:11</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:suse:sles:12">
+ <title xml:lang="en-us">SUSE Linux Enterprise Server 12</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.sles:def:12</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:suse:sled:12">
+ <title xml:lang="en-us">SUSE Linux Enterprise Desktop 12</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.sled:def:12</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:opensuse:opensuse:11.4">
+ <title xml:lang="en-us">openSUSE 11.4</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:114</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:opensuse:opensuse:13.1">
+ <title xml:lang="en-us">openSUSE 13.1</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:131</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:opensuse:opensuse:13.2">
+ <title xml:lang="en-us">openSUSE 13.2</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:132</check>
+ </cpe-item>
+ <cpe-item name="cpe:/o:opensuse:opensuse">
+ <title xml:lang="en-us">openSUSE All Versions</title>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="openscap-cpe-oval.xml">oval:org.open-scap.cpe.opensuse:def:1</check>
+ </cpe-item>
<!-- Add-ons -->
<cpe-item name="cpe:/a:redhat:rhel_productivity">
<title xml:lang="en-us">Red Hat Enterprise Linux Optional Productivity Applications</title>
Index: openscap-1.2.6/cpe/openscap-cpe-oval.xml
===================================================================
--- openscap-1.2.6.orig/cpe/openscap-cpe-oval.xml
+++ openscap-1.2.6/cpe/openscap-cpe-oval.xml
@@ -278,6 +278,175 @@
<criterion comment="Fedora 24 is installed" test_ref="oval:org.open-scap.cpe.fedora:tst:24"/>
</criteria>
</definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.sle:def:1" version="1">
+ <metadata>
+ <title>SUSE Linux Enterprise All Platforms</title>
+ <affected family="unix">
+ <platform>SUSE Linux Enterprise All Platforms</platform>
+ </affected>
+ <reference ref_id="cpe:/o:suse:sle" source="CPE"/>
+ <description>The operating system installed on the system is SUSE Linux Enterprise</description>
+ </metadata>
+ <criteria>
+ <criterion comment="Installed operating system is part of the unix family" test_ref="oval:org.open-scap.cpe.rhel:tst:1"/>
+ <criteria operator="OR">
+ <criterion comment="SLES is installed" test_ref="oval:org.open-scap.cpe.sles:tst:1"/>
+ <criterion comment="SLED is installed" test_ref="oval:org.open-scap.cpe.sled:tst:1"/>
+ </criteria>
+ </criteria>
+ </definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.sles:def:10" version="1">
+ <metadata>
+ <title>SUSE Linux Enterprise Server 10</title>
+ <affected family="unix">
+ <platform>SUSE Linux Enterprise Server 10</platform>
+ </affected>
+ <reference ref_id="cpe:/o:suse:sles:10" source="CPE"/>
+ <description>The operating system installed on the system is SUSE Linux Enterprise Server 10</description>
+ </metadata>
+ <criteria>
+ <criterion comment="Installed operating system is part of the unix family" test_ref="oval:org.open-scap.cpe.rhel:tst:1"/>
+ <criterion comment="SLES 10 is installed" test_ref="oval:org.open-scap.cpe.sles:tst:10"/>
+ </criteria>
+ </definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.sled:def:10" version="1">
+ <metadata>
+ <title>SUSE Linux Enterprise Desktop 10</title>
+ <affected family="unix">
+ <platform>SUSE Linux Enterprise Desktop 10</platform>
+ </affected>
+ <reference ref_id="cpe:/o:suse:sled:10" source="CPE"/>
+ <description>The operating system installed on the system is SUSE Linux Enterprise Desktop 10</description>
+ </metadata>
+ <criteria>
+ <criterion comment="Installed operating system is part of the unix family" test_ref="oval:org.open-scap.cpe.rhel:tst:1"/>
+ <criterion comment="SLED 10 is installed" test_ref="oval:org.open-scap.cpe.sled:tst:10"/>
+ </criteria>
+ </definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.sles:def:11" version="1">
+ <metadata>
+ <title>SUSE Linux Enterprise Server 11</title>
+ <affected family="unix">
+ <platform>SUSE Linux Enterprise Server 11</platform>
+ </affected>
+ <reference ref_id="cpe:/o:suse:sles:11" source="CPE"/>
+ <description>The operating system installed on the system is SUSE Linux Enterprise Server 11</description>
+ </metadata>
+ <criteria>
+ <criterion comment="Installed operating system is part of the unix family" test_ref="oval:org.open-scap.cpe.rhel:tst:1"/>
+ <criterion comment="SLES 11 is installed" test_ref="oval:org.open-scap.cpe.sles:tst:11"/>
+ </criteria>
+ </definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.sled:def:11" version="1">
+ <metadata>
+ <title>SUSE Linux Enterprise Desktop 11</title>
+ <affected family="unix">
+ <platform>SUSE Linux Enterprise Desktop 11</platform>
+ </affected>
+ <reference ref_id="cpe:/o:suse:sles:11" source="CPE"/>
+ <description>The operating system installed on the system is SUSE Linux Enterprise Desktop 11</description>
+ </metadata>
+ <criteria>
+ <criterion comment="Installed operating system is part of the unix family" test_ref="oval:org.open-scap.cpe.rhel:tst:1"/>
+ <criterion comment="SLED 11 is installed" test_ref="oval:org.open-scap.cpe.sled:tst:11"/>
+ </criteria>
+ </definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.sles:def:12" version="1">
+ <metadata>
+ <title>SUSE Linux Enterprise Server 12</title>
+ <affected family="unix">
+ <platform>SUSE Linux Enterprise Server 12</platform>
+ </affected>
+ <reference ref_id="cpe:/o:suse:sles:12" source="CPE"/>
+ <description>The operating system installed on the system is SUSE Linux Enterprise Server 12</description>
+ </metadata>
+ <criteria>
+ <criterion comment="Installed operating system is part of the unix family" test_ref="oval:org.open-scap.cpe.rhel:tst:1"/>
+ <criterion comment="SLES 12 is installed" test_ref="oval:org.open-scap.cpe.sles:tst:12"/>
+ </criteria>
+ </definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.sled:def:12" version="1">
+ <metadata>
+ <title>SUSE Linux Enterprise Desktop 12</title>
+ <affected family="unix">
+ <platform>SUSE Linux Enterprise Desktop 12</platform>
+ </affected>
+ <reference ref_id="cpe:/o:suse:sled:12" source="CPE"/>
+ <description>The operating system installed on the system is SUSE Linux Enterprise Desktop 12</description>
+ </metadata>
+ <criteria>
+ <criterion comment="Installed operating system is part of the unix family" test_ref="oval:org.open-scap.cpe.rhel:tst:1"/>
+ <criterion comment="SLED 12 is installed" test_ref="oval:org.open-scap.cpe.sled:tst:12"/>
+ </criteria>
+ </definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.opensuse:def:1" version="1">
+ <metadata>
+ <title>openSUSE All Versions</title>
+ <affected family="unix">
+ <platform>openSUSE</platform>
+ </affected>
+ <reference ref_id="cpe:/o:opensuse:opensuse" source="CPE"/>
+ <description>The operating system installed on the system is openSUSE</description>
+ </metadata>
+ <criteria>
+ <criterion comment="Installed operating system is part of the unix family" test_ref="oval:org.open-scap.cpe.rhel:tst:1"/>
+ <criterion comment="openSUSE is installed" test_ref="oval:org.open-scap.cpe.opensuse:tst:1"/>
+ </criteria>
+ </definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.opensuse:def:114" version="1">
+ <metadata>
+ <title>openSUSE 11.4</title>
+ <affected family="unix">
+ <platform>openSUSE 11.4</platform>
+ </affected>
+ <reference ref_id="cpe:/o:opensuse:opensuse:11.4" source="CPE"/>
+ <description>The operating system installed on the system is openSUSE 11.4</description>
+ </metadata>
+ <criteria>
+ <criterion comment="Installed operating system is part of the unix family" test_ref="oval:org.open-scap.cpe.rhel:tst:1"/>
+ <criterion comment="openSUSE 11.4 is installed" test_ref="oval:org.open-scap.cpe.opensuse:tst:114"/>
+ </criteria>
+ </definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.opensuse:def:131" version="1">
+ <metadata>
+ <title>openSUSE 13.1</title>
+ <affected family="unix">
+ <platform>openSUSE 13.1</platform>
+ </affected>
+ <reference ref_id="cpe:/o:opensuse:opensuse:13.1" source="CPE"/>
+ <description>The operating system installed on the system is openSUSE 13.1</description>
+ </metadata>
+ <criteria>
+ <criterion comment="Installed operating system is part of the unix family" test_ref="oval:org.open-scap.cpe.rhel:tst:1"/>
+ <criterion comment="openSUSE 13.1 is installed" test_ref="oval:org.open-scap.cpe.opensuse:tst:131"/>
+ </criteria>
+ </definition>
+
+ <definition class="inventory" id="oval:org.open-scap.cpe.opensuse:def:132" version="1">
+ <metadata>
+ <title>openSUSE 13.2</title>
+ <affected family="unix">
+ <platform>openSUSE 13.2</platform>
+ </affected>
+ <reference ref_id="cpe:/o:opensuse:opensuse:13.2" source="CPE"/>
+ <description>The operating system installed on the system is openSUSE 13.2</description>
+ </metadata>
+ <criteria>
+ <criterion comment="Installed operating system is part of the unix family" test_ref="oval:org.open-scap.cpe.rhel:tst:1"/>
+ <criterion comment="openSUSE 13.2 is installed" test_ref="oval:org.open-scap.cpe.opensuse:tst:132"/>
+ </criteria>
+ </definition>
+
</definitions>
<tests>
<family_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.rhel:tst:1" version="1" check="only one"
@@ -381,6 +550,77 @@
<object object_ref="oval:org.open-scap.cpe.fedora-release:obj:2"/>
<state state_ref="oval:org.open-scap.cpe.fedora:ste:24"/>
</rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sles:tst:1" version="1" check="at least one" comment="/etc/sles-release is provided by sles-release package"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sles-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.sles:ste:1"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sled:tst:1" version="1" check="at least one" comment="/etc/sled-release is provided by sled-release package"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sles-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.sled:ste:1"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sles:tst:2" version="1" check="at least one" comment="/etc/sles-release is provided by sles-release package"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sles-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.sles:ste:2"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sled:tst:2" version="1" check="at least one" comment="/etc/sles-release is provided by sles-release package"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sled-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.sled:ste:2"/>
+ </rpminfo_test>
+
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sles:tst:10" version="1" check="at least one" comment="sles-release is version 10"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sles-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.sles:ste:10"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sles:tst:11" version="1" check="at least one" comment="sles-release is version 11"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sles-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.sles:ste:11"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sles:tst:12" version="1" check="at least one" comment="sles-release is version 12"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sles-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.sles:ste:12"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sled:tst:10" version="1" check="at least one" comment="sled-release is version 10"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sled-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.sled:ste:10"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sled:tst:11" version="1" check="at least one" comment="sled-release is version 11"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sled-release:obj:3"/>
+ <state state_ref="oval:org.open-scap.cpe.sled:ste:11"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.sled:tst:12" version="1" check="at least one" comment="sled-release is version 12"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.sled-release:obj:3"/>
+ <state state_ref="oval:org.open-scap.cpe.sled:ste:12"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.opensuse:tst:1" version="1" check="at least one" comment="openSUSE-release is version 11.4"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.openSUSE-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.opensuse:ste:2"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.opensuse:tst:114" version="1" check="at least one" comment="openSUSE-release is version 11.4"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.openSUSE-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.opensuse:ste:114"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.opensuse:tst:131" version="1" check="at least one" comment="openSUSE-release is version 13.1"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.openSUSE-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.opensuse:ste:131"/>
+ </rpminfo_test>
+ <rpminfo_test check_existence="at_least_one_exists" id="oval:org.open-scap.cpe.opensuse:tst:132" version="1" check="at least one" comment="openSUSE-release is version 13.2"
+ xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <object object_ref="oval:org.open-scap.cpe.openSUSE-release:obj:1"/>
+ <state state_ref="oval:org.open-scap.cpe.opensuse:ste:132"/>
+ </rpminfo_test>
</tests>
<objects>
<lin-def:rpminfo_object id="oval:org.open-scap.cpe.redhat-release:obj:1" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
@@ -400,6 +640,15 @@
<lin-def:filepath>/etc/redhat-release</lin-def:filepath>
</lin-def:rpmverifyfile_object>
<family_object id="oval:org.open-scap.cpe.unix:obj:1" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"/>
+ <lin-def:rpminfo_object id="oval:org.open-scap.cpe.sles-release:obj:1" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <lin-def:name>sles-release</lin-def:name>
+ </lin-def:rpminfo_object>
+ <lin-def:rpminfo_object id="oval:org.open-scap.cpe.sled-release:obj:1" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <lin-def:name>sled-release</lin-def:name>
+ </lin-def:rpminfo_object>
+ <lin-def:rpminfo_object id="oval:org.open-scap.cpe.openSUSE-release:obj:1" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <lin-def:name>openSUSE-release</lin-def:name>
+ </lin-def:rpminfo_object>
</objects>
<states>
<family_state id="oval:org.open-scap.cpe.unix:ste:1" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
@@ -470,5 +719,41 @@
<rpminfo_state id="oval:org.open-scap.cpe.fedora:ste:24" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<version operation="pattern match">^24$</version>
</rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.sles:ste:2" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <name operation="pattern match">^sles-release</name>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.sled:ste:2" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <name operation="pattern match">^sled-release</name>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.sles:ste:10" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^10($|[^\d])</version>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.sles:ste:11" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^11($|[^\d])</version>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.sles:ste:12" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^12($|[^\d])</version>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.sled:ste:10" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^10($|[^\d])</version>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.sled:ste:11" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^11($|[^\d])</version>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.sled:ste:12" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^12($|[^\d])</version>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.opensuse:ste:2" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <name operation="pattern match">^openSUSE-release</name>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.opensuse:ste:114" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^11.4$</version>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.opensuse:ste:131" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^13.1$</version>
+ </rpminfo_state>
+ <rpminfo_state id="oval:org.open-scap.cpe.opensuse:ste:132" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
+ <version operation="pattern match">^13.2$</version>
+ </rpminfo_state>
</states>
</oval_definitions>

25
openscap.changes
View File

@ -1,3 +1,28 @@
-------------------------------------------------------------------
Thu Dec 3 13:06:14 UTC 2015 - meissner@suse.com
- openscap 1.2.7 release
- New features
- OVAL 5.11.1 fully supported
- oscap-vm - tool for offline scanning of virtual machines
- verbose mode
- added SLED, SLES and OpenSUSE CPE names
- show profile description in HTML report and guide
- group rules by PCI DSS identifier in HTML report
- preliminary support for Ansible Playbooks within xccdf:fix
- added "How to contribute" and "Versioning" documents
- Maintenance
- using bziped RHSA documents in oscap-docker
- fixed errors of sysctl probe
- fixed skip-valid option (issue #203)
- fixed segmentation faults in SCE content reporting (issue #231)
- fixed tracebacks of scap-as-rpm
- fixed invalid memory reads in rpmverifyfile probe (issue #212)
- updated README and user manual
- many small bugfixes and new tests
- openscap-new-inventory.patch: upstreamed
- fix-missing-include.dif: refreshed, 1 hunk upstream
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Oct 9 09:35:46 UTC 2015 - meissner@suse.com Fri Oct 9 09:35:46 UTC 2015 - meissner@suse.com

6
openscap.spec
View File

@ -20,7 +20,7 @@
%define with_bindings 0 %define with_bindings 0
Name: openscap Name: openscap
Version: 1.2.6 Version: 1.2.7
Release: 1.0 Release: 1.0
Source: https://fedorahosted.org/releases/o/p/openscap/%name-%version.tar.gz Source: https://fedorahosted.org/releases/o/p/openscap/%name-%version.tar.gz
Source5: https://fedorahosted.org/releases/o/p/openscap/%name-%version.tar.gz.sha1sum Source5: https://fedorahosted.org/releases/o/p/openscap/%name-%version.tar.gz.sha1sum
@ -32,10 +32,10 @@ Source2: sysconfig.oscap-scan
Source3: scap-yast2sec-xccdf.xml Source3: scap-yast2sec-xccdf.xml
Source4: scap-yast2sec-oval.xml Source4: scap-yast2sec-oval.xml
Patch0: fix-missing-include.dif Patch0: fix-missing-include.dif
Patch1: openscap-new-inventory.patch
Url: http://www.open-scap.org/ Url: http://www.open-scap.org/
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: libacl-devel BuildRequires: libacl-devel
BuildRequires: libbz2-devel
BuildRequires: libcurl-devel BuildRequires: libcurl-devel
BuildRequires: libgcrypt-devel BuildRequires: libgcrypt-devel
BuildRequires: libxml2-devel BuildRequires: libxml2-devel
@ -149,7 +149,6 @@ commonly used and require additional dependencies.
%prep %prep
%setup -q %setup -q
%patch0 -p1 %patch0 -p1
%patch1 -p1
%build %build
@ -273,6 +272,7 @@ ln -s %{_datadir}/openscap/scap-yast2sec-xccdf.xml $RPM_BUILD_ROOT/%{_datadir}/
%{_initrddir}/oscap-scan %{_initrddir}/oscap-scan
%{_mandir}/man8/* %{_mandir}/man8/*
%{_bindir}/oscap %{_bindir}/oscap
%{_bindir}/oscap-vm
%{_bindir}/oscap-ssh %{_bindir}/oscap-ssh
%{_bindir}/scap-as-rpm %{_bindir}/scap-as-rpm
%config %{_sysconfdir}/bash_completion.d/* %config %{_sysconfdir}/bash_completion.d/*