commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package scap-security-guide for openSUSE:Factory checked in at 2024-06-03 17:43:27 Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old) and /work/SRC/openSUSE:Factory/.scap-security-guide.new.24587 (New) Package is "scap-security-guide" Mon Jun 3 17:43:27 2024 rev:35 rq:1178138 version:0.1.73 Changes: --- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes 2024-02-14 23:19:01.772881956 +0100 +++ /work/SRC/openSUSE:Factory/.scap-security-guide.new.24587/scap-security-guide.changes 2024-06-03 17:43:32.155194338 +0200 @@ -1,0 +2,9 @@ +Fri May 31 07:52:33 UTC 2024 - Rumen Chikov + +- updated to 0.1.73 (jsc#ECO-3319) + - CMP 2417: Implement PCI-DSS v4.0 outline for OpenShift (#11651) + - Update all RHEL ANSSI BP028 profiles to be aligned with configuration recommendations version 2.0 + - Generate rule references from control files (#11540) + - Initial implementation of STIG V1R1 profile for Ubuntu 22.04 LTS (#11820) + +--- Old: v0.1.72.tar.gz New: v0.1.73.tar.gz Other differences: -- ++ scap-security-guide.spec ++ --- /var/tmp/diff_new_pack.i77eZN/_old 2024-06-03 17:43:33.807254712 +0200 +++ /var/tmp/diff_new_pack.i77eZN/_new 2024-06-03 17:43:33.807254712 +0200 @@ -42,7 +42,7 @@ %endif Name: scap-security-guide -Version:0.1.72 +Version:0.1.73 Release:0 Summary:XCCDF files for SUSE Linux and openSUSE License:BSD-3-Clause @@ -137,11 +137,15 @@ SUSE supported in this version of scap-security-guide: - DISA STIG profile for SUSE Linux Enterprise Server 12 and 15 +- ANSSI-BP-028 profile for SUSE Linux Enterprise Server 12 and 15 - PCI-DSS profile for SUSE Linux Enterprise Server 12 and 15 - HIPAA profile for SUSE Linux Enterprise Server 12 and 15 +- CIS profile for SUSE Linux Enterprise Server 12 and 15 +- Hardening for Public Cloud Image of SUSE Linux Enterprise Server for SAP Applications 15 +- Public Cloud Hardening for SUSE Linux Enterprise 15 -Other profiles, like the CIS profile, are community supplied and -not officially supported by SUSE. +Other profiles, like the Standard System Security Profile for SUSE Linux Enterprise 12 and 15, +are community supplied and not officially supported by SUSE. %package redhat Summary:XCCDF files for RHEL, CentOS, Fedora and ScientificLinux ++ v0.1.72.tar.gz -> v0.1.73.tar.gz ++ /work/SRC/openSUSE:Factory/scap-security-guide/v0.1.72.tar.gz /work/SRC/openSUSE:Factory/.scap-security-guide.new.24587/v0.1.73.tar.gz differ: char 13, line 1
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package scap-security-guide for openSUSE:Factory checked in at 2024-01-10 21:53:20 Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old) and /work/SRC/openSUSE:Factory/.scap-security-guide.new.21961 (New) Package is "scap-security-guide" Wed Jan 10 21:53:20 2024 rev:33 rq:1137951 version:0.1.71 Changes: --- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes 2023-12-21 23:39:32.496570854 +0100 +++ /work/SRC/openSUSE:Factory/.scap-security-guide.new.21961/scap-security-guide.changes 2024-01-10 21:53:34.622977766 +0100 @@ -8,0 +9,2 @@ +- removed left over file + 0001-Revert-fix-aide-remediations-add-crontabs.patch upstreamed in 0.1.69 Other differences: -- ++ scap-security-guide.spec ++ --- /var/tmp/diff_new_pack.gkCrjP/_old 2024-01-10 21:53:35.138996558 +0100 +++ /var/tmp/diff_new_pack.gkCrjP/_new 2024-01-10 21:53:35.142996704 +0100 @@ -1,7 +1,7 @@ # # spec file for package scap-security-guide # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2023-10-19 22:49:44
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1945 (New)
Package is "scap-security-guide"
Thu Oct 19 22:49:44 2023 rev:30 rq:1118850 version:0.1.70
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2023-08-03 17:30:40.180085325 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1945/scap-security-guide.changes
2023-10-19 22:52:08.648931318 +0200
@@ -1,0 +2,9 @@
+Tue Oct 17 14:44:03 UTC 2023 - Marcus Meissner
+
+- updated to 0.1.70 (jsc#ECO-3319)
+ - Add openembedded distro support (#10793)
+ - Remove DRAFT wording for OpenShift STIG (#11100)
+ - Remove test-function-check_playbook_file_removed_and_added test (#10982)
+ - scap-security-guide: Add Poky support (#11046)
+
+---
Old:
v0.1.69.tar.gz
New:
v0.1.70.tar.gz
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.FRkrXZ/_old 2023-10-19 22:52:09.252953226 +0200
+++ /var/tmp/diff_new_pack.FRkrXZ/_new 2023-10-19 22:52:09.256953370 +0200
@@ -42,13 +42,14 @@
%endif
Name: scap-security-guide
-Version:0.1.69
+Version:0.1.70
Release:0
Summary:XCCDF files for SUSE Linux and openSUSE
License:BSD-3-Clause
Group: Productivity/Security
URL:https://github.com/ComplianceAsCode/content
%if "%{_vendor}" == "debbuild"
+Packager: SUSE Security Team
%endif
Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
@@ -211,6 +212,7 @@
-DSSG_PRODUCT_OL8=ON \
-DSSG_PRODUCT_OL9=ON \
-DSSG_PRODUCT_OPENSUSE=ON \
+-DSSG_PRODUCT_OPENEMBEDDED=OFF \
-DSSG_PRODUCT_RHCOS4=ON \
-DSSG_PRODUCT_RHEL7=ON \
-DSSG_PRODUCT_RHEL8=ON \
++ v0.1.69.tar.gz -> v0.1.70.tar.gz ++
/work/SRC/openSUSE:Factory/scap-security-guide/v0.1.69.tar.gz
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1945/v0.1.70.tar.gz differ:
char 50, line 1
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2023-08-03 17:30:31
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.22712 (New)
Package is "scap-security-guide"
Thu Aug 3 17:30:31 2023 rev:29 rq:1102115 version:0.1.69
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2023-07-27 16:53:17.118653912 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.22712/scap-security-guide.changes
2023-08-03 17:30:40.180085325 +0200
@@ -1,0 +2,15 @@
+Wed Aug 2 13:49:20 UTC 2023 - Marcus Meissner
+
+- updated to 0.1.69 (jsc#ECO-3319)
+ - Introduce a JSON build manifest (#10761)
+ - Introduce a script to compare ComplianceAsCode versions (#10768)
+ - Introduce CCN profiles for RHEL9 (#10860)
+ - Map rules to components (#10609)
+ - products/anolis23: supports Anolis OS 23 (#10548)
+ - Render components to HTML (#10709)
+ - Store rendered control files (#10656)
+ - Test and use rules to components mapping (#10693)
+ - Use distributed product properties (#10554)
+- 0001-Revert-fix-aide-remediations-add-crontabs.patch: removed, upstream
+
+---
Old:
0001-Revert-fix-aide-remediations-add-crontabs.patch
v0.1.68.tar.gz
New:
v0.1.69.tar.gz
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.q5qJd7/_old 2023-08-03 17:30:42.068096751 +0200
+++ /var/tmp/diff_new_pack.q5qJd7/_new 2023-08-03 17:30:42.076096799 +0200
@@ -42,18 +42,15 @@
%endif
Name: scap-security-guide
-Version:0.1.68
+Version:0.1.69
Release:0
Summary:XCCDF files for SUSE Linux and openSUSE
License:BSD-3-Clause
Group: Productivity/Security
URL:https://github.com/ComplianceAsCode/content
%if "%{_vendor}" == "debbuild"
-Packager: SUSE Security Team
%endif
Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
-# upstream fix, will be in 0.69
-Patch1: 0001-Revert-fix-aide-remediations-add-crontabs.patch
# explicit require what is needed by the detection logic in the scripts
Requires: coreutils
@@ -192,7 +189,6 @@
%prep
%setup -q -n content-%version
-%autopatch -p1
%build
cd build
@@ -234,6 +230,7 @@
-DSSG_PRODUCT_WRLINUX8=OFF \
-DSSG_PRODUCT_WRLINUX1019=OFF \
-DSSG_PRODUCT_ANOLIS8=OFF \
+ -DSSG_PRODUCT_ANOLIS23=OFF \
../
make
++ v0.1.68.tar.gz -> v0.1.69.tar.gz ++
/work/SRC/openSUSE:Factory/scap-security-guide/v0.1.68.tar.gz
/work/SRC/openSUSE:Factory/.scap-security-guide.new.22712/v0.1.69.tar.gz
differ: char 22, line 1
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2023-07-27 16:53:01
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.32662 (New)
Package is "scap-security-guide"
Thu Jul 27 16:53:01 2023 rev:28 rq:1101012 version:0.1.68
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2023-06-16 16:56:37.854339857 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.32662/scap-security-guide.changes
2023-07-27 16:53:17.118653912 +0200
@@ -1,0 +2,6 @@
+Thu Jul 27 06:58:41 UTC 2023 - Marcus Meissner
+
+- 0001-Revert-fix-aide-remediations-add-crontabs.patch:
+ revert patch that breaks the SLE hardening (bsc#1213691)
+
+---
New:
0001-Revert-fix-aide-remediations-add-crontabs.patch
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.ayDZct/_old 2023-07-27 16:53:17.762657551 +0200
+++ /var/tmp/diff_new_pack.ayDZct/_new 2023-07-27 16:53:17.770657596 +0200
@@ -52,6 +52,8 @@
Packager: SUSE Security Team
%endif
Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
+# upstream fix, will be in 0.69
+Patch1: 0001-Revert-fix-aide-remediations-add-crontabs.patch
# explicit require what is needed by the detection logic in the scripts
Requires: coreutils
@@ -190,6 +192,7 @@
%prep
%setup -q -n content-%version
+%autopatch -p1
%build
cd build
++ 0001-Revert-fix-aide-remediations-add-crontabs.patch ++
>From 8f31dae05cc55de178f3038587ca0d6ff5d12b69 Mon Sep 17 00:00:00 2001
From: Eduardo Barretto
Date: Thu, 29 Jun 2023 12:14:35 +0200
Subject: [PATCH] Revert "fix: aide/remediations: add crontabs"
This reverts commit ac8389e3ddab599f6f5bf7465636817fb8dbbf3e.
Fixes #10725
---
.../aide/aide_periodic_cron_checking/ansible/shared.yml | 6 +++---
.../aide/aide_periodic_cron_checking/bash/shared.sh | 1 -
.../aide/aide_periodic_cron_checking/bash/ubuntu.sh | 1 -
.../aide/aide_scan_notification/ansible/shared.yml | 6 +++---
.../aide/aide_scan_notification/bash/shared.sh | 1 -
5 files changed, 6 insertions(+), 9 deletions(-)
diff --git
a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml
b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml
index 7d4063bda2..d60c2e5464 100644
---
a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml
+++
b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml
@@ -5,10 +5,10 @@
# disruption = low
- name: "Ensure AIDE is installed"
package:
-name:
- - aide
- - crontabs
+name: "{{ item }}"
state: present
+ with_items:
+- aide
- name: Set cron package name - RedHat
set_fact:
diff --git
a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
index a4dac78100..dfa5c1b6c8 100644
---
a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
+++
b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
@@ -1,7 +1,6 @@
# platform = Red Hat Virtualization
4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
{{{ bash_package_install("aide") }}}
-{{{ bash_package_install("crontabs") }}}
if ! grep -q "{{{ aide_bin_path }}} --check" /etc/crontab ; then
echo "05 4 * * * root {{{ aide_bin_path }}} --check" >> /etc/crontab
diff --git
a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/ubuntu.sh
b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/ubuntu.sh
index 00bd493ac7..719fd764af 100644
---
a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/ubuntu.sh
+++
b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/ubuntu.sh
@@ -1,7 +1,6 @@
# platform = multi_platform_ubuntu
{{{ bash_package_install("aide") }}}
-{{{ bash_package_install("crontabs") }}}
# AiDE usually adds its own cron jobs to /etc/cron.daily. If script is there,
this rule is
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2023-06-16 16:55:37
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.15902 (New)
Package is "scap-security-guide"
Fri Jun 16 16:55:37 2023 rev:27 rq:1093441 version:0.1.68
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2023-02-07 18:48:59.835103349 +0100
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.15902/scap-security-guide.changes
2023-06-16 16:56:37.854339857 +0200
@@ -1,0 +2,19 @@
+Thu Jun 15 15:40:16 UTC 2023 - Marcus Meissner
+
+- updated to 0.1.68 (jsc#ECO-3319)
+ - Bump OL8 STIG version to V1R6
+ - Introduce a Product class, make the project work with it
+ - Introduce Fedora and Firefox CaC profiles for common workstation users
+ - OL7 DISA STIG v2r11 update
+ - Publish rendered policy artifacts
+ - Update ANSSI BP-028 to version 2.0
+- updated to 0.1.67 (jsc#ECO-3319)
+ - Add utils/controlrefcheck.py
+ - RHEL 9 STIG Update Q1 2023
+ - Include warning for NetworkManager keyfiles in RHEL9
+ - OL7 stig v2r10 update
+ - Bump version of OL8 STIG to V1R5
+- various enhancements to SLE profiles
+- scap-security-guide-UnicodeEncodeError-character-fix.patch: fixed upstream
+
+---
Old:
scap-security-guide-UnicodeEncodeError-character-fix.patch
v0.1.66.tar.gz
New:
v0.1.68.tar.gz
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.R4uzqG/_old 2023-06-16 16:56:38.846345710 +0200
+++ /var/tmp/diff_new_pack.R4uzqG/_new 2023-06-16 16:56:38.850345733 +0200
@@ -1,7 +1,7 @@
#
# spec file for package scap-security-guide
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -42,7 +42,7 @@
%endif
Name: scap-security-guide
-Version:0.1.66
+Version:0.1.68
Release:0
Summary:XCCDF files for SUSE Linux and openSUSE
License:BSD-3-Clause
@@ -52,7 +52,6 @@
Packager: SUSE Security Team
%endif
Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
-Patch0: scap-security-guide-UnicodeEncodeError-character-fix.patch
# explicit require what is needed by the detection logic in the scripts
Requires: coreutils
@@ -190,8 +189,7 @@
Note that the included profiles are community supplied and not officially
supported by SUSE..
%prep
-%setup -n content-%version
-%patch0 -p0
+%setup -q -n content-%version
%build
cd build
++ v0.1.66.tar.gz -> v0.1.68.tar.gz ++
/work/SRC/openSUSE:Factory/scap-security-guide/v0.1.66.tar.gz
/work/SRC/openSUSE:Factory/.scap-security-guide.new.15902/v0.1.68.tar.gz
differ: char 16, line 1
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package scap-security-guide for openSUSE:Factory checked in at 2023-02-07 18:48:50 Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old) and /work/SRC/openSUSE:Factory/.scap-security-guide.new.4462 (New) Package is "scap-security-guide" Tue Feb 7 18:48:50 2023 rev:26 rq:1063457 version:0.1.66 Changes: --- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes 2022-12-12 17:42:16.233985631 +0100 +++ /work/SRC/openSUSE:Factory/.scap-security-guide.new.4462/scap-security-guide.changes 2023-02-07 18:48:59.835103349 +0100 @@ -1,0 +2,12 @@ +Mon Feb 6 15:03:31 UTC 2023 - Marcus Meissner + +- updated to 0.1.66 (jsc#ECO-3319) + Â - Ubuntu 22.04 CIS + Â - OL7 stig v2r9 update + Â - Bump OL8 STIG version to V1R4 + Â - Update RHEL7 STIG to V3R10 + Â - Update RHEL8 STIG to V1R9 + Â - Introduce CIS RHEL9 profiles +- also various SUSE profile fixes were done + +--- Old: v0.1.65.tar.gz New: v0.1.66.tar.gz Other differences: -- ++ scap-security-guide.spec ++ --- /var/tmp/diff_new_pack.V1RsuH/_old 2023-02-07 18:49:00.627107605 +0100 +++ /var/tmp/diff_new_pack.V1RsuH/_new 2023-02-07 18:49:00.635107649 +0100 @@ -42,7 +42,7 @@ %endif Name: scap-security-guide -Version:0.1.65 +Version:0.1.66 Release:0 Summary:XCCDF files for SUSE Linux and openSUSE License:BSD-3-Clause ++ v0.1.65.tar.gz -> v0.1.66.tar.gz ++ /work/SRC/openSUSE:Factory/scap-security-guide/v0.1.65.tar.gz /work/SRC/openSUSE:Factory/.scap-security-guide.new.4462/v0.1.66.tar.gz differ: char 15, line 1
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package scap-security-guide for openSUSE:Factory checked in at 2022-12-12 17:40:08 Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old) and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1835 (New) Package is "scap-security-guide" Mon Dec 12 17:40:08 2022 rev:25 rq:1042353 version:0.1.65 Changes: --- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes 2022-12-03 10:03:49.231301642 +0100 +++ /work/SRC/openSUSE:Factory/.scap-security-guide.new.1835/scap-security-guide.changes 2022-12-12 17:42:16.233985631 +0100 @@ -1,0 +2,11 @@ +Mon Dec 5 10:44:15 UTC 2022 - Marcus Meissner + +- updated to 0.1.65 (jsc#ECO-3319) + - Introduce cui profile for OL9 + - Remove Support for OVAL 5.10 + - Rename account_passwords_pam_faillock_audit + - CI ansible hardening and rename of existing Bash hardening + - Update contributors list for v0.1.65 release + - various SUSE profile specific fixes + +--- Old: v0.1.64.tar.gz New: v0.1.65.tar.gz Other differences: -- ++ scap-security-guide.spec ++ --- /var/tmp/diff_new_pack.qOFLGY/_old 2022-12-12 17:42:16.873989230 +0100 +++ /var/tmp/diff_new_pack.qOFLGY/_new 2022-12-12 17:42:16.877989253 +0100 @@ -42,7 +42,7 @@ %endif Name: scap-security-guide -Version:0.1.64 +Version:0.1.65 Release:0 Summary:XCCDF files for SUSE Linux and openSUSE License:BSD-3-Clause @@ -55,14 +55,13 @@ Patch0: scap-security-guide-UnicodeEncodeError-character-fix.patch # explicit require what is needed by the detection logic in the scripts +Requires: coreutils +Requires: findutils Requires: gawk -Requires: sed Requires: grep -Requires: findutils -Requires: coreutils -Requires: zypper +Requires: sed Requires: sudo - +Requires: zypper BuildRequires: cmake @@ -233,6 +232,7 @@ -DSSG_PRODUCT_EKS=OFF \ -DSSG_PRODUCT_WRLINUX8=OFF \ -DSSG_PRODUCT_WRLINUX1019=OFF \ + -DSSG_PRODUCT_ANOLIS8=OFF \ ../ make ++ v0.1.64.tar.gz -> v0.1.65.tar.gz ++ /work/SRC/openSUSE:Factory/scap-security-guide/v0.1.64.tar.gz /work/SRC/openSUSE:Factory/.scap-security-guide.new.1835/v0.1.65.tar.gz differ: char 33, line 1
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package scap-security-guide for openSUSE:Factory checked in at 2022-12-03 10:03:34 Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old) and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1835 (New) Package is "scap-security-guide" Sat Dec 3 10:03:34 2022 rev:24 rq:1039608 version:0.1.64 Changes: --- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes 2022-10-06 07:42:33.356734303 +0200 +++ /work/SRC/openSUSE:Factory/.scap-security-guide.new.1835/scap-security-guide.changes 2022-12-03 10:03:49.231301642 +0100 @@ -1,0 +2,5 @@ +Fri Nov 25 13:16:15 UTC 2022 - Marcus Meissner + +- require sudo, as remediations touch sudo config or use sudo. + +--- Other differences: -- ++ scap-security-guide.spec ++ --- /var/tmp/diff_new_pack.FJYW6p/_old 2022-12-03 10:03:49.767304621 +0100 +++ /var/tmp/diff_new_pack.FJYW6p/_new 2022-12-03 10:03:49.771304643 +0100 @@ -61,6 +61,7 @@ Requires: findutils Requires: coreutils Requires: zypper +Requires: sudo BuildRequires: cmake
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package scap-security-guide for openSUSE:Factory checked in at 2022-10-06 07:42:23 Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old) and /work/SRC/openSUSE:Factory/.scap-security-guide.new.2275 (New) Package is "scap-security-guide" Thu Oct 6 07:42:23 2022 rev:23 rq:1008181 version:0.1.64 Changes: --- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes 2022-10-01 17:44:26.405810193 +0200 +++ /work/SRC/openSUSE:Factory/.scap-security-guide.new.2275/scap-security-guide.changes 2022-10-06 07:42:33.356734303 +0200 @@ -1,0 +2,5 @@ +Wed Oct 5 09:21:53 UTC 2022 - Marcus Meissner + +- enable ubuntu 2204 build + +--- Other differences: -- ++ scap-security-guide.spec ++ --- /var/tmp/diff_new_pack.RvjQM2/_old 2022-10-06 07:42:33.860735425 +0200 +++ /var/tmp/diff_new_pack.RvjQM2/_new 2022-10-06 07:42:33.868735443 +0200 @@ -226,6 +226,7 @@ -DSSG_PRODUCT_UBUNTU1604=ON \ -DSSG_PRODUCT_UBUNTU1804=ON \ -DSSG_PRODUCT_UBUNTU2004=ON \ +-DSSG_PRODUCT_UBUNTU2204=ON \ -DSSG_PRODUCT_UOS20=OFF \ -DSSG_PRODUCT_VSEL=OFF \ -DSSG_PRODUCT_EKS=OFF \
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package scap-security-guide for openSUSE:Factory checked in at 2022-10-01 17:44:00 Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old) and /work/SRC/openSUSE:Factory/.scap-security-guide.new.2275 (New) Package is "scap-security-guide" Sat Oct 1 17:44:00 2022 rev:22 rq:1007411 version:0.1.64 Changes: --- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes 2022-09-21 14:44:08.578029528 +0200 +++ /work/SRC/openSUSE:Factory/.scap-security-guide.new.2275/scap-security-guide.changes 2022-10-01 17:44:26.405810193 +0200 @@ -1,0 +2,11 @@ +Sat Oct 1 08:56:49 UTC 2022 - Marcus Meissner + +- updated to 0.1.64 (jsc#ECO-3319) + - Introduce ol9 stig profile + - Introduce Ol9 anssi profiles + - Update RHEL8 STIG to V1R7 + - Introduce e8 profile for OL9 + - Update RHEL7 STIG to V3R8 + - some SUSE profile fixes + +--- Old: v0.1.63.tar.gz New: v0.1.64.tar.gz Other differences: -- ++ scap-security-guide.spec ++ --- /var/tmp/diff_new_pack.MJtck4/_old 2022-10-01 17:44:27.029811328 +0200 +++ /var/tmp/diff_new_pack.MJtck4/_new 2022-10-01 17:44:27.033811336 +0200 @@ -42,7 +42,7 @@ %endif Name: scap-security-guide -Version:0.1.63 +Version:0.1.64 Release:0 Summary:XCCDF files for SUSE Linux and openSUSE License:BSD-3-Clause @@ -212,6 +212,7 @@ -DSSG_PRODUCT_OCP4=OFF \ -DSSG_PRODUCT_OL7=ON \ -DSSG_PRODUCT_OL8=ON \ +-DSSG_PRODUCT_OL9=ON \ -DSSG_PRODUCT_OPENSUSE=ON \ -DSSG_PRODUCT_RHCOS4=ON \ -DSSG_PRODUCT_RHEL7=ON \ ++ v0.1.63.tar.gz -> v0.1.64.tar.gz ++ /work/SRC/openSUSE:Factory/scap-security-guide/v0.1.63.tar.gz /work/SRC/openSUSE:Factory/.scap-security-guide.new.2275/v0.1.64.tar.gz differ: char 15, line 1
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2022-09-21 14:43:08
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.2083 (New)
Package is "scap-security-guide"
Wed Sep 21 14:43:08 2022 rev:21 rq:1005139 version:0.1.63
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2022-08-03 21:16:45.335451138 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.2083/scap-security-guide.changes
2022-09-21 14:44:08.578029528 +0200
@@ -1,0 +2,6 @@
+Wed Sep 21 08:24:30 UTC 2022 - Marcus Meissner
+
+- Added several RPM requires that are needed by the SUSE remediation
+ scripts. (e.g. awk is not necessary installed)
+
+---
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.utza5s/_old 2022-09-21 14:44:09.106030906 +0200
+++ /var/tmp/diff_new_pack.utza5s/_new 2022-09-21 14:44:09.106030906 +0200
@@ -53,6 +53,16 @@
%endif
Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
Patch0: scap-security-guide-UnicodeEncodeError-character-fix.patch
+
+# explicit require what is needed by the detection logic in the scripts
+Requires: gawk
+Requires: sed
+Requires: grep
+Requires: findutils
+Requires: coreutils
+Requires: zypper
+
+
BuildRequires: cmake
%if "%{_vendor}" == "debbuild"
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2022-08-03 21:16:33
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1533 (New)
Package is "scap-security-guide"
Wed Aug 3 21:16:33 2022 rev:20 rq:992448 version:0.1.63
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2022-07-18 18:33:17.729702706 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1533/scap-security-guide.changes
2022-08-03 21:16:45.335451138 +0200
@@ -1,0 +2,17 @@
+Sat Jul 30 13:59:29 UTC 2022 - Marcus Meissner
+
+- updated to 0.1.63 (jsc#ECO-3319)
+ - multiple bugfixes in SUSE profiles
+ - Expand project guidelines
+ - Add Draft OCP4 STIG profile
+ - Add anssi_bp28_intermediary profile
+ - add products/uos20 to support UnionTech OS Server 20
+ - products/alinux3: Add CIS Alibaba Cloud Linux 3 profiles
+ - Remove WRLinux Products
+ - Update CIS RHEL8 Benchmark for v2.0.0
+- removed fix-bash-template.patch: fixed upstream
+- Fixed: stig: /etc/shadow group owner should not be root but shadow
(bsc#1200149)
+- Fixed: sles15_script-stig.sh: remediation_functions: No such file or
directory (bsc#1200163)
+- Fixed: SLES-15-010130 - The SUSE operating system must initiate a session
lock after a 15-minute period of inactivity (bsc#1200122)
+
+---
Old:
fix-bash-template.patch
v0.1.62.tar.gz
New:
v0.1.63.tar.gz
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.3mBAvP/_old 2022-08-03 21:16:46.247453531 +0200
+++ /var/tmp/diff_new_pack.3mBAvP/_new 2022-08-03 21:16:46.251453542 +0200
@@ -42,7 +42,7 @@
%endif
Name: scap-security-guide
-Version:0.1.62
+Version:0.1.63
Release:0
Summary:XCCDF files for SUSE Linux and openSUSE
License:BSD-3-Clause
@@ -53,8 +53,6 @@
%endif
Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
Patch0: scap-security-guide-UnicodeEncodeError-character-fix.patch
-# upstream d9aa7a49d135be60e1a6f9d2ce4e29560482b3d0 and
3485c8298957b24d97a563079fd648004a92822b
-Patch1: fix-bash-template.patch
BuildRequires: cmake
%if "%{_vendor}" == "debbuild"
@@ -184,13 +182,14 @@
%prep
%setup -n content-%version
%patch0 -p0
-%patch1 -p1
%build
cd build
cmake -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-DCMAKE_INSTALL_MANDIR=%{_mandir} \
-DSSG_PRODUCT_CHROMIUM=OFF \
+-DSSG_PRODUCT_ALINUX2=OFF \
+-DSSG_PRODUCT_ALINUX3=OFF \
-DSSG_PRODUCT_DEBIAN9=ON \
-DSSG_PRODUCT_DEBIAN10=ON \
-DSSG_PRODUCT_DEFAULT=ON \
@@ -216,6 +215,7 @@
-DSSG_PRODUCT_UBUNTU1604=ON \
-DSSG_PRODUCT_UBUNTU1804=ON \
-DSSG_PRODUCT_UBUNTU2004=ON \
+-DSSG_PRODUCT_UOS20=OFF \
-DSSG_PRODUCT_VSEL=OFF \
-DSSG_PRODUCT_EKS=OFF \
-DSSG_PRODUCT_WRLINUX8=OFF \
++ v0.1.62.tar.gz -> v0.1.63.tar.gz ++
103317 lines of diff (skipped)
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2022-07-18 18:33:10
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1523 (New)
Package is "scap-security-guide"
Mon Jul 18 18:33:10 2022 rev:19 rq:989425 version:0.1.62
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2022-07-06 15:42:38.566573841 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1523/scap-security-guide.changes
2022-07-18 18:33:17.729702706 +0200
@@ -1,0 +2,5 @@
+Fri Jul 15 11:57:43 UTC 2022 - Julio Gonz??lez Gil
+
+- Fix the build for RHEL 7 and clones (python-setuptools is used)
+
+---
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.gSlOUb/_old 2022-07-18 18:33:18.181703349 +0200
+++ /var/tmp/diff_new_pack.gSlOUb/_new 2022-07-18 18:33:18.185703355 +0200
@@ -68,7 +68,11 @@
BuildRequires: openscap-utils
%endif
+%if 0%{?rhel} == 7
+BuildRequires: python-setuptools
+%else
BuildRequires: python3-setuptools
+%endif
%if 0%{?rhel} == 8
BuildRequires: python3
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2022-07-06 15:42:24
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1548 (New)
Package is "scap-security-guide"
Wed Jul 6 15:42:24 2022 rev:18 rq:987136 version:0.1.62
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2022-06-28 15:23:19.894028303 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1548/scap-security-guide.changes
2022-07-06 15:42:38.566573841 +0200
@@ -1,0 +2,5 @@
+Wed Jul 6 09:26:15 UTC 2022 - Julio Gonz??lez Gil
+
+- Fix the build for RHEL 9 and clones
+
+---
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.l5msba/_old 2022-07-06 15:42:38.990574449 +0200
+++ /var/tmp/diff_new_pack.l5msba/_new 2022-07-06 15:42:38.994574454 +0200
@@ -95,7 +95,7 @@
%if 0%{?rhel} == 7
BuildRequires: python-jinja2
%else
-%if 0%{?rhel} == 8
+%if 0%{?rhel} >= 8
BuildRequires: python3-jinja2
%else
%if "%{_vendor}" == "debbuild"
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2022-06-28 15:22:59
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1548 (New)
Package is "scap-security-guide"
Tue Jun 28 15:22:59 2022 rev:17 rq:985543 version:0.1.62
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2022-06-10 15:58:02.816857868 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1548/scap-security-guide.changes
2022-06-28 15:23:19.894028303 +0200
@@ -1,0 +2,6 @@
+Mon Jun 27 12:59:21 UTC 2022 - Marcus Meissner
+
+- fix-bash-template.patch: convert one bash emitter to new jinja method.
+ (bsc#1200163)
+
+---
New:
fix-bash-template.patch
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.qCsvvS/_old 2022-06-28 15:23:20.902029807 +0200
+++ /var/tmp/diff_new_pack.qCsvvS/_new 2022-06-28 15:23:20.906029814 +0200
@@ -53,6 +53,8 @@
%endif
Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
Patch0: scap-security-guide-UnicodeEncodeError-character-fix.patch
+# upstream d9aa7a49d135be60e1a6f9d2ce4e29560482b3d0 and
3485c8298957b24d97a563079fd648004a92822b
+Patch1: fix-bash-template.patch
BuildRequires: cmake
%if "%{_vendor}" == "debbuild"
@@ -178,6 +180,7 @@
%prep
%setup -n content-%version
%patch0 -p0
+%patch1 -p1
%build
cd build
++ fix-bash-template.patch ++
diff --git a/shared/templates/audit_rules_syscall_events/bash.template
b/shared/templates/audit_rules_syscall_events/bash.template
index 6532554875..bd5bb94cb9 100644
--- a/shared/templates/audit_rules_syscall_events/bash.template
+++ b/shared/templates/audit_rules_syscall_events/bash.template
@@ -1,19 +1,20 @@
# platform =
multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-# Include source function library.
-. /usr/share/scap-security-guide/remediation_functions
-
# First perform the remediation of the syscall rule
# Retrieve hardware architecture of the underlying system
[ "$(getconf LONG_BIT)" = "32" ] && RULE_ARCHS=("b32") || RULE_ARCHS=("b32"
"b64")
for ARCH in "${RULE_ARCHS[@]}"
do
- PATTERN="-a always,exit -F arch=$ARCH -S {{{ ATTR }}}.*"
- GROUP="perm_mod"
- FULL_RULE="-a always,exit -F arch=$ARCH -S {{{ ATTR }}} -F auid>={{{
auid }}} -F auid!=4294967295 -F key=perm_mod"
+ # FULL_RULE="-a always,exit -F arch=$ARCH -S {{{ ATTR }}} -F auid>={{{
auid }}} -F auid!=4294967295 -F key=perm_mod"
+ ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
+ SYSCALL="{{{ ATTR }}}"
+ SYSCALL_GROUPING="{{{ ATTR }}}"
+ AUID_FILTERS="-F auid>={{{ auid }}} -F auid!=4294967295"
+ KEY="perm_mod"
+ OTHER_FILTERS=""
# Perform the remediation for both possible tools: 'auditctl' and
'augenrules'
- fix_audit_syscall_rule "augenrules" "$PATTERN" "$GROUP" "$ARCH"
"$FULL_RULE"
- fix_audit_syscall_rule "auditctl" "$PATTERN" "$GROUP" "$ARCH"
"$FULL_RULE"
+ {{{ bash_fix_audit_syscall_rule("augenrules","$ACTION_ARCH_FILTERS",
"$OTHER_FILTERS", "$AUID_FILTERS", "$SYSCALL", "$SYSCALL_GROUPING", "$KEY") }}}
+ {{{ bash_fix_audit_syscall_rule("auditctl", "$ACTION_ARCH_FILTERS",
"$OTHER_FILTERS", "$AUID_FILTERS", "$SYSCALL", "$SYSCALL_GROUPING", "$KEY") }}}
done
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2022-06-10 15:57:40
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1548 (New)
Package is "scap-security-guide"
Fri Jun 10 15:57:40 2022 rev:16 rq:981542 version:0.1.62
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2022-05-31 15:48:31.128033494 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1548/scap-security-guide.changes
2022-06-10 15:58:02.816857868 +0200
@@ -1,0 +2,6 @@
+Thu Jun 9 15:31:50 UTC 2022 - Marcus Meissner
+
+- add python3-setuptools for all builds (so it is also used on debian
+ and centos flavors)
+
+---
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.Hr3QDP/_old 2022-06-10 15:58:03.312858470 +0200
+++ /var/tmp/diff_new_pack.Hr3QDP/_new 2022-06-10 15:58:03.316858474 +0200
@@ -66,12 +66,13 @@
BuildRequires: openscap-utils
%endif
+BuildRequires: python3-setuptools
+
%if 0%{?rhel} == 8
BuildRequires: python3
%endif
%if 0%{?suse_version}
-BuildRequires: python3-setuptools
BuildRequires: python3-xml
%endif
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2022-05-31 15:47:23
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1548 (New)
Package is "scap-security-guide"
Tue May 31 15:47:23 2022 rev:15 rq:979906 version:0.1.62
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2022-04-11 23:50:35.066152598 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1548/scap-security-guide.changes
2022-05-31 15:48:31.128033494 +0200
@@ -1,0 +2,8 @@
+Mon May 30 12:48:54 UTC 2022 - Marcus Meissner
+
+- updated to 0.1.62 (jsc#ECO-3319)
+ - Update rhel8 stig to v1r6
+ - OL7 STIG v2r7 update
+ - Initial definition of ANSSI BP28 minmal profile for SLE
+
+---
Old:
v0.1.61.tar.gz
New:
v0.1.62.tar.gz
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.LZ4ktW/_old 2022-05-31 15:48:31.628033826 +0200
+++ /var/tmp/diff_new_pack.LZ4ktW/_new 2022-05-31 15:48:31.632033829 +0200
@@ -42,7 +42,7 @@
%endif
Name: scap-security-guide
-Version:0.1.61
+Version:0.1.62
Release:0
Summary:XCCDF files for SUSE Linux and openSUSE
License:BSD-3-Clause
@@ -71,8 +71,8 @@
%endif
%if 0%{?suse_version}
-BuildRequires: python3-xml
BuildRequires: python3-setuptools
+BuildRequires: python3-xml
%endif
%if 0%{?rhel} == 7
@@ -120,6 +120,15 @@
Language), CPE (Common Platform Enumeration) and DS (Data Stream)
files to run a compliance test on SLE12, SLE15 and openSUSE
+SUSE supported in this version of scap-security-guide:
+
+- DISA STIG profile for SUSE Linux Enterprise Server 12 and 15
+- PCI-DSS profile for SUSE Linux Enterprise Server 12 and 15
+- HIPAA profile for SUSE Linux Enterprise Server 12 and 15
+
+Other profiles, like the CIS profile, are community supplied and
+not officially supported by SUSE.
+
%package redhat
Summary:XCCDF files for RHEL, CentOS, Fedora and ScientificLinux
Group: Productivity/Security
@@ -135,6 +144,8 @@
Language), CPE (Common Platform Enumeration) and DS (Data Stream)
files to run a compliance test on various Redhat products, CentOS, Oracle
Linux, Fedora and ScientificLinux.
+Note that the included profiles are community supplied and not officially
supported by SUSE..
+
%package debian
Summary:XCCDF files for Debian
Group: Productivity/Security
@@ -147,6 +158,8 @@
Language), CPE (Common Platform Enumeration) and DS (Data Stream)
files to run a compliance test on Debian.
+Note that the included profiles are community supplied and not officially
supported by SUSE..
+
%package ubuntu
Summary:XCCDF files for Ubuntu
Group: Productivity/Security
@@ -159,6 +172,7 @@
Language), CPE (Common Platform Enumeration) and DS (Data Stream)
files to run a compliance test on Ubuntu.
+Note that the included profiles are community supplied and not officially
supported by SUSE..
%prep
%setup -n content-%version
++ v0.1.61.tar.gz -> v0.1.62.tar.gz ++
233799 lines of diff (skipped)
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2022-04-11 23:49:07
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1900 (New)
Package is "scap-security-guide"
Mon Apr 11 23:49:07 2022 rev:14 rq:969149 version:0.1.61
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2022-02-22 21:19:14.094297737 +0100
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1900/scap-security-guide.changes
2022-04-11 23:50:35.066152598 +0200
@@ -1,0 +2,8 @@
+Mon Apr 4 08:40:40 UTC 2022 - Marcus Meissner
+
+- updated to 0.1.61 (jsc#ECO-3319)
+ - Stop building PCI-DSS-centric XCCDF benchmark for RHEL 7
+ - Introduce OL9 product
+ - Implement handling of logical expressions in platform definitions
+
+---
Old:
v0.1.60.tar.gz
New:
v0.1.61.tar.gz
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.6O3qrs/_old 2022-04-11 23:50:36.738133522 +0200
+++ /var/tmp/diff_new_pack.6O3qrs/_new 2022-04-11 23:50:36.742133477 +0200
@@ -42,7 +42,7 @@
%endif
Name: scap-security-guide
-Version:0.1.60
+Version:0.1.61
Release:0
Summary:XCCDF files for SUSE Linux and openSUSE
License:BSD-3-Clause
@@ -72,6 +72,7 @@
%if 0%{?suse_version}
BuildRequires: python3-xml
+BuildRequires: python3-setuptools
%endif
%if 0%{?rhel} == 7
++ v0.1.60.tar.gz -> v0.1.61.tar.gz ++
143067 lines of diff (skipped)
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package scap-security-guide for openSUSE:Factory checked in at 2022-02-22 21:18:30 Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old) and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1958 (New) Package is "scap-security-guide" Tue Feb 22 21:18:30 2022 rev:13 rq:956819 version:0.1.60 Changes: --- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes 2022-01-29 20:59:59.167519495 +0100 +++ /work/SRC/openSUSE:Factory/.scap-security-guide.new.1958/scap-security-guide.changes 2022-02-22 21:19:14.094297737 +0100 @@ -1,0 +2,5 @@ +Tue Feb 22 15:19:07 UTC 2022 - Marcus Meissner + +- bump disk size constraints to 7gb to avoid occasional disk fulls failures. + +--- Other differences: -- ++ _constraints ++ --- /var/tmp/diff_new_pack.soB8H6/_old 2022-02-22 21:19:14.898297885 +0100 +++ /var/tmp/diff_new_pack.soB8H6/_new 2022-02-22 21:19:14.902297887 +0100 @@ -1,7 +1,7 @@ - 6 + 7
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2022-01-29 20:59:27
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1898 (New)
Package is "scap-security-guide"
Sat Jan 29 20:59:27 2022 rev:12 rq:949739 version:0.1.60
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2021-12-02 02:26:33.092338129 +0100
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1898/scap-security-guide.changes
2022-01-29 20:59:59.167519495 +0100
@@ -1,0 +2,8 @@
+Thu Jan 27 13:43:18 UTC 2022 - Marcus Meissner
+
+- updated to 0.1.60 (jsc#ECO-3319)
+ - New draft stig profile v1r1 for OL8
+ - New product Amazon EKS platform and initial CIS profiles
+ - New product CentOS Stream 9, as a derivative from RHEL9 product
+
+---
Old:
v0.1.59.tar.gz
New:
v0.1.60.tar.gz
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.Eg7Ks2/_old 2022-01-29 20:59:59.831515031 +0100
+++ /var/tmp/diff_new_pack.Eg7Ks2/_new 2022-01-29 20:59:59.835515005 +0100
@@ -1,7 +1,7 @@
#
# spec file for package scap-security-guide
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -42,7 +42,7 @@
%endif
Name: scap-security-guide
-Version:0.1.59
+Version:0.1.60
Release:0
Summary:XCCDF files for SUSE Linux and openSUSE
License:BSD-3-Clause
@@ -194,6 +194,7 @@
-DSSG_PRODUCT_UBUNTU1804=ON \
-DSSG_PRODUCT_UBUNTU2004=ON \
-DSSG_PRODUCT_VSEL=OFF \
+ -DSSG_PRODUCT_EKS=OFF \
-DSSG_PRODUCT_WRLINUX8=OFF \
-DSSG_PRODUCT_WRLINUX1019=OFF \
../
@@ -234,10 +235,11 @@
%license LICENSE
%endif
%dir %{_datadir}/doc/scap-security-guide/guides/
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-centos*
+%doc %{_datadir}/doc/scap-security-guide/guides/ssg-cs9*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-fedora*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-ol*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-rh*
-%doc %{_datadir}/doc/scap-security-guide/guides/ssg-centos*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-sl7*
%dir %{_datadir}/doc/scap-security-guide/tables/
%doc %{_datadir}/doc/scap-security-guide/tables/table-ol*
@@ -248,18 +250,20 @@
%dir %{_datadir}/scap-security-guide/tailoring/
%dir %{_datadir}/scap-security-guide/bash/
%dir %{_datadir}/scap-security-guide/kickstart/
+%{_datadir}/scap-security-guide/*/*centos*
+%{_datadir}/scap-security-guide/*/*cs9*
%{_datadir}/scap-security-guide/*/*fedora*
%{_datadir}/scap-security-guide/*/*ol*
%{_datadir}/scap-security-guide/*/*rh*
%{_datadir}/scap-security-guide/*/*sl7*
-%{_datadir}/scap-security-guide/*/*centos*
%dir %{_datadir}/xml/scap/
%dir %{_datadir}/xml/scap/ssg/
%dir %{_datadir}/xml/scap/ssg/content/
+%{_datadir}/xml/scap/ssg/content/*-centos*
+%{_datadir}/xml/scap/ssg/content/*-cs9*
%{_datadir}/xml/scap/ssg/content/*-fedora*
%{_datadir}/xml/scap/ssg/content/*-ol*
%{_datadir}/xml/scap/ssg/content/*-rh*
-%{_datadir}/xml/scap/ssg/content/*-centos*
%{_datadir}/xml/scap/ssg/content/*-sl7*
%files debian
++ v0.1.59.tar.gz -> v0.1.60.tar.gz ++
70137 lines of diff (skipped)
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2021-11-30 23:15:52
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.31177 (New)
Package is "scap-security-guide"
Tue Nov 30 23:15:52 2021 rev:11 rq:934677 version:0.1.59
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2021-10-11 15:32:00.766883015 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.31177/scap-security-guide.changes
2021-12-02 02:26:33.092338129 +0100
@@ -1,0 +2,9 @@
+Sat Nov 27 15:39:12 UTC 2021 - Marcus Meissner
+
+- updated to 0.1.59 release (jsc#ECO-3319)
+ - Support for Debian 11
+ - NERC CIP profiles for OCP4 and RHCOS
+ - HIPAA profile for SLE15
+ - Delta Tailoring Files for STIG profiles
+
+---
Old:
v0.1.58.tar.gz
New:
v0.1.59.tar.gz
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.woLcos/_old 2021-12-02 02:26:33.748335864 +0100
+++ /var/tmp/diff_new_pack.woLcos/_new 2021-12-02 02:26:33.752335851 +0100
@@ -42,7 +42,7 @@
%endif
Name: scap-security-guide
-Version:0.1.58
+Version:0.1.59
Release:0
Summary:XCCDF files for SUSE Linux and openSUSE
License:BSD-3-Clause
@@ -245,6 +245,7 @@
%dir %{_datadir}/doc/scap-security-guide/
%dir %{_datadir}/scap-security-guide/
%dir %{_datadir}/scap-security-guide/ansible/
+%dir %{_datadir}/scap-security-guide/tailoring/
%dir %{_datadir}/scap-security-guide/bash/
%dir %{_datadir}/scap-security-guide/kickstart/
%{_datadir}/scap-security-guide/*/*fedora*
++ v0.1.58.tar.gz -> v0.1.59.tar.gz ++
224943 lines of diff (skipped)
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2021-10-11 15:31:10
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.2443 (New)
Package is "scap-security-guide"
Mon Oct 11 15:31:10 2021 rev:10 rq:924190 version:0.1.58
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2021-09-25 22:51:41.395367849 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.2443/scap-security-guide.changes
2021-10-11 15:32:00.766883015 +0200
@@ -1,0 +2,6 @@
+Wed Oct 6 09:00:15 UTC 2021 - Alexander Bergmann
+
+- Fix SLE-12 build issue caused by '\xb0' character (bsc#1191431).
+ - Add scap-security-guide-UnicodeEncodeError-character-fix.patch
+
+---
New:
scap-security-guide-UnicodeEncodeError-character-fix.patch
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.mUGJMQ/_old 2021-10-11 15:32:01.234883765 +0200
+++ /var/tmp/diff_new_pack.mUGJMQ/_new 2021-10-11 15:32:01.238883772 +0200
@@ -52,6 +52,7 @@
Packager: SUSE Security Team
%endif
Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
+Patch0: scap-security-guide-UnicodeEncodeError-character-fix.patch
BuildRequires: cmake
%if "%{_vendor}" == "debbuild"
@@ -159,7 +160,8 @@
%prep
-%autosetup -n content-%version
+%setup -n content-%version
+%patch0 -p0
%build
cd build
++ scap-security-guide-UnicodeEncodeError-character-fix.patch ++
diff -Nurp
content-0.1.58-orig/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2/bash/shared.sh
content-0.1.58/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2/bash/shared.sh
---
linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2/bash/shared.sh
2021-09-24 15:03:29.0 +0200
+++
linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2/bash/shared.sh
2021-10-06 14:39:43.949753820 +0200
@@ -3,6 +3,6 @@
{{{ bash_instantiate_variables("var_password_pam_tally2") }}}
# Use a non-number regexp to force update of the value of the deny option
-{{{ bash_ensure_pam_module_options('/etc/pam.d/common-auth', 'auth',
'required', 'pam_tally2.so', 'deny', '??', "${var_password_pam_tally2}") }}}
+{{{ bash_ensure_pam_module_options('/etc/pam.d/common-auth', 'auth',
'required', 'pam_tally2.so', 'deny', 'X', "${var_password_pam_tally2}") }}}
{{{ bash_ensure_pam_module_options('/etc/pam.d/common-auth', 'auth',
'required', 'pam_tally2.so', 'onerr', '(fail)', 'fail') }}}
{{{ bash_ensure_pam_module_options('/etc/pam.d/common-account', 'account',
'required', 'pam_tally2.so', '', '', '') }}}
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package scap-security-guide for openSUSE:Factory checked in at 2021-09-25 22:51:30 Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old) and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1899 (New) Package is "scap-security-guide" Sat Sep 25 22:51:30 2021 rev:9 rq:921417 version:0.1.58 Changes: --- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes 2021-08-01 21:52:12.239196054 +0200 +++ /work/SRC/openSUSE:Factory/.scap-security-guide.new.1899/scap-security-guide.changes 2021-09-25 22:51:41.395367849 +0200 @@ -1,0 +2,10 @@ +Fri Sep 24 15:16:30 UTC 2021 - Marcus Meissner + +- updated to 0.1.58 release (jsc#ECO-3319) +- Support for Script Checking Engine (SCE) +- Split RHEL 8 CIS profile using new controls file format +- CIS Profiles for SLE12 +- Initial Ubuntu 20.04 STIG Profiles +- Addition of an automated CCE adder + +--- Old: v0.1.57.tar.gz New: v0.1.58.tar.gz Other differences: -- ++ scap-security-guide.spec ++ --- /var/tmp/diff_new_pack.WUZNaw/_old 2021-09-25 22:51:41.923368521 +0200 +++ /var/tmp/diff_new_pack.WUZNaw/_new 2021-09-25 22:51:41.927368526 +0200 @@ -42,7 +42,7 @@ %endif Name: scap-security-guide -Version:0.1.57 +Version:0.1.58 Release:0 Summary:XCCDF files for SUSE Linux and openSUSE License:BSD-3-Clause ++ v0.1.57.tar.gz -> v0.1.58.tar.gz ++ 94749 lines of diff (skipped)
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package scap-security-guide for openSUSE:Factory checked in at 2021-08-01 21:51:50 Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old) and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1899 (New) Package is "scap-security-guide" Sun Aug 1 21:51:50 2021 rev:8 rq:909618 version:0.1.57 Changes: --- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes 2021-06-04 00:34:25.313019086 +0200 +++ /work/SRC/openSUSE:Factory/.scap-security-guide.new.1899/scap-security-guide.changes 2021-08-01 21:52:12.239196054 +0200 @@ -1,0 +2,9 @@ +Tue Jul 13 14:41:16 UTC 2021 - Marcus Meissner + +- updated to 0.1.57 release (jsc#ECO-3319) + - CIS profile for RHEL 7 is updated + - initial CIS profiles for Ubuntu 20.04 + - Major improvement of RHEL 9 content + - new release process implemented using Github actions + +--- Old: v0.1.56.tar.gz New: _constraints v0.1.57.tar.gz Other differences: -- ++ scap-security-guide.spec ++ --- /var/tmp/diff_new_pack.YSqYbn/_old 2021-08-01 21:52:12.675195541 +0200 +++ /var/tmp/diff_new_pack.YSqYbn/_new 2021-08-01 21:52:12.679195536 +0200 @@ -42,7 +42,7 @@ %endif Name: scap-security-guide -Version:0.1.56 +Version:0.1.57 Release:0 Summary:XCCDF files for SUSE Linux and openSUSE License:BSD-3-Clause ++ _constraints ++ 6 ++ v0.1.56.tar.gz -> v0.1.57.tar.gz ++ 169788 lines of diff (skipped)
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2021-06-04 00:34:06
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1898 (New)
Package is "scap-security-guide"
Fri Jun 4 00:34:06 2021 rev:7 rq:897243 version:0.1.56
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2021-06-01 10:38:29.296917907 +0200
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1898/scap-security-guide.changes
2021-06-04 00:34:25.313019086 +0200
@@ -1,0 +2,5 @@
+Wed Jun 2 15:03:42 UTC 2021 - Julio Gonz??lez Gil
+
+- Specify the maintainer, for deb packages.
+
+---
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.IKrKmy/_old 2021-06-04 00:34:25.805019618 +0200
+++ /var/tmp/diff_new_pack.IKrKmy/_new 2021-06-04 00:34:25.805019618 +0200
@@ -49,7 +49,7 @@
Group: Productivity/Security
URL:https://github.com/ComplianceAsCode/content
%if "%{_vendor}" == "debbuild"
-%else
+Packager: SUSE Security Team
%endif
Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
BuildRequires: cmake
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2021-06-01 10:37:22
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.1898 (New)
Package is "scap-security-guide"
Tue Jun 1 10:37:22 2021 rev:6 rq:895670 version:0.1.56
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2021-03-25 14:52:22.340488335 +0100
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1898/scap-security-guide.changes
2021-06-01 10:38:29.296917907 +0200
@@ -1,0 +2,12 @@
+Wed May 26 15:19:40 UTC 2021 - Marcus Meissner
+
+- updated to 0.1.56 release (jsc#ECO-3319)
+ - Align ism_o profile with latest ISM SSP (#6878)
+ - Align RHEL 7 STIG profile with DISA STIG V3R3
+ - Creating new RHEL 7 STIG GUI profile (#6863)
+ - Creating new RHEL 8 STIG GUI profile (#6862)
+ - Add the RHEL9 product (#6801)
+ - Initial support for SUSE SLE-15 (#)
+ - add support for osbuild blueprint remediations (#6970)
+
+---
Old:
v0.1.55git20210323.tar.gz
New:
v0.1.56.tar.gz
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.dJAVrz/_old 2021-06-01 10:38:31.384921462 +0200
+++ /var/tmp/diff_new_pack.dJAVrz/_new 2021-06-01 10:38:31.388921470 +0200
@@ -42,7 +42,7 @@
%endif
Name: scap-security-guide
-Version:0.1.55git20210323
+Version:0.1.56
Release:0
Summary:XCCDF files for SUSE Linux and openSUSE
License:BSD-3-Clause
@@ -51,8 +51,7 @@
%if "%{_vendor}" == "debbuild"
%else
%endif
-#Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
-Source: v%{version}.tar.gz
+Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
BuildRequires: cmake
%if "%{_vendor}" == "debbuild"
@@ -163,7 +162,6 @@
%autosetup -n content-%version
%build
-mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-DCMAKE_INSTALL_MANDIR=%{_mandir} \
@@ -184,6 +182,7 @@
-DSSG_PRODUCT_RHCOS4=ON \
-DSSG_PRODUCT_RHEL7=ON \
-DSSG_PRODUCT_RHEL8=ON \
+-DSSG_PRODUCT_RHEL9=ON \
-DSSG_PRODUCT_RHOSP10=ON \
-DSSG_PRODUCT_RHOSP13=ON \
-DSSG_PRODUCT_RHV4=ON \
++ v0.1.55git20210323.tar.gz -> v0.1.56.tar.gz ++
/work/SRC/openSUSE:Factory/scap-security-guide/v0.1.55git20210323.tar.gz
/work/SRC/openSUSE:Factory/.scap-security-guide.new.1898/v0.1.56.tar.gz differ:
char 4, line 1
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2021-03-25 14:52:21
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.2401 (New)
Package is "scap-security-guide"
Thu Mar 25 14:52:21 2021 rev:5 rq:881077 version:0.1.55git20210323
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2021-03-20 21:26:27.741210864 +0100
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.2401/scap-security-guide.changes
2021-03-25 14:52:22.340488335 +0100
@@ -1,0 +2,8 @@
+Wed Mar 24 13:25:26 UTC 2021 - Marcus Meissner
+
+- updated to a intermediate GIT snapshot of 20210323 (jsc#ECO-3319)
+ - initial SLES15 STIG added
+ - more SLES 12 STIG work
+ - correct tables and cross references for SLES 12 and 15 STIG
+
+---
@@ -8,0 +17 @@
+- avoid some non sles12 sp2 available macros.
Old:
v0.1.55.tar.gz
New:
v0.1.55git20210323.tar.gz
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.gkZde5/_old 2021-03-25 14:52:25.096491137 +0100
+++ /var/tmp/diff_new_pack.gkZde5/_new 2021-03-25 14:52:25.100491142 +0100
@@ -42,7 +42,7 @@
%endif
Name: scap-security-guide
-Version:0.1.55
+Version:0.1.55git20210323
Release:0
Summary:XCCDF files for SUSE Linux and openSUSE
License:BSD-3-Clause
@@ -51,7 +51,8 @@
%if "%{_vendor}" == "debbuild"
%else
%endif
-Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
+#Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
+Source: v%{version}.tar.gz
BuildRequires: cmake
%if "%{_vendor}" == "debbuild"
@@ -162,6 +163,7 @@
%autosetup -n content-%version
%build
+mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-DCMAKE_INSTALL_MANDIR=%{_mandir} \
@@ -169,7 +171,6 @@
-DSSG_PRODUCT_DEBIAN9=ON \
-DSSG_PRODUCT_DEBIAN10=ON \
-DSSG_PRODUCT_DEFAULT=ON \
--DSSG_PRODUCT_EAP6=OFF \
-DSSG_PRODUCT_EXAMPLE=OFF \
-DSSG_PRODUCT_FEDORA=ON \
-DSSG_PRODUCT_FIREFOX=OFF \
@@ -181,7 +182,6 @@
-DSSG_PRODUCT_OL8=ON \
-DSSG_PRODUCT_OPENSUSE=ON \
-DSSG_PRODUCT_RHCOS4=ON \
--DSSG_PRODUCT_RHEL6=ON \
-DSSG_PRODUCT_RHEL7=ON \
-DSSG_PRODUCT_RHEL8=ON \
-DSSG_PRODUCT_RHOSP10=ON \
@@ -196,11 +196,11 @@
-DSSG_PRODUCT_WRLINUX8=OFF \
-DSSG_PRODUCT_WRLINUX1019=OFF \
../
-%make_build
+make
%install
cd build/
-%make_install
+make install DESTDIR=%buildroot
%files
%if "%{_vendor}" != "debbuild"
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package scap-security-guide for openSUSE:Factory checked in at 2021-03-20 21:25:59 Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old) and /work/SRC/openSUSE:Factory/.scap-security-guide.new.2401 (New) Package is "scap-security-guide" Sat Mar 20 21:25:59 2021 rev:4 rq:880138 version:0.1.55 Changes: --- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes 2021-03-15 10:54:47.353207530 +0100 +++ /work/SRC/openSUSE:Factory/.scap-security-guide.new.2401/scap-security-guide.changes 2021-03-20 21:26:27.741210864 +0100 @@ -1,0 +2,9 @@ +Fri Mar 19 15:08:35 UTC 2021 - Marcus Meissner + +- updated to 0.1.55 release (jsc#ECO-3319) + - big update of rules used in SLES-12 STIG profile + - Render policy to HTML (#6532) + - Add variable support to yamlfile_value template (#6563) + - Introduce new template for dconf configuration files (#6118) + +--- Old: v0.1.54.tar.gz New: v0.1.55.tar.gz Other differences: -- ++ scap-security-guide.spec ++ --- /var/tmp/diff_new_pack.FkgkmQ/_old 2021-03-20 21:26:28.549211810 +0100 +++ /var/tmp/diff_new_pack.FkgkmQ/_new 2021-03-20 21:26:28.553211813 +0100 @@ -42,7 +42,7 @@ %endif Name: scap-security-guide -Version:0.1.54 +Version:0.1.55 Release:0 Summary:XCCDF files for SUSE Linux and openSUSE License:BSD-3-Clause ++ v0.1.54.tar.gz -> v0.1.55.tar.gz ++ /work/SRC/openSUSE:Factory/scap-security-guide/v0.1.54.tar.gz /work/SRC/openSUSE:Factory/.scap-security-guide.new.2401/v0.1.55.tar.gz differ: char 13, line 1
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2021-03-15 10:54:46
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.2401 (New)
Package is "scap-security-guide"
Mon Mar 15 10:54:46 2021 rev:3 rq:878597 version:0.1.54
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2021-02-26 22:00:08.699857368 +0100
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.2401/scap-security-guide.changes
2021-03-15 10:54:47.353207530 +0100
@@ -1,0 +2,6 @@
+Fri Mar 12 14:14:10 UTC 2021 - Julio Gonz??lez Gil
+
+- Add the redhat conflict for packages built on redhat clones
+ or Fedora
+
+---
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.Q7VleS/_old 2021-03-15 10:54:47.997208519 +0100
+++ /var/tmp/diff_new_pack.Q7VleS/_new 2021-03-15 10:54:47.997208519 +0100
@@ -121,6 +121,9 @@
%package redhat
Summary:XCCDF files for RHEL, CentOS, Fedora and ScientificLinux
Group: Productivity/Security
+%if 0%{?fedora} || 0%{?rhel}
+Conflicts: scap-security-guide
+%endif
%description redhat
Security Content Automation Protocol (SCAP) Security Guide for
Redhat/Fedora/CentOS/OracleLinux/ScientificLinux.
commit scap-security-guide for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package scap-security-guide for
openSUSE:Factory checked in at 2021-02-26 22:00:06
Comparing /work/SRC/openSUSE:Factory/scap-security-guide (Old)
and /work/SRC/openSUSE:Factory/.scap-security-guide.new.2378 (New)
Package is "scap-security-guide"
Fri Feb 26 22:00:06 2021 rev:2 rq:875317 version:0.1.54
Changes:
--- /work/SRC/openSUSE:Factory/scap-security-guide/scap-security-guide.changes
2021-02-22 14:40:04.836599046 +0100
+++
/work/SRC/openSUSE:Factory/.scap-security-guide.new.2378/scap-security-guide.changes
2021-02-26 22:00:08.699857368 +0100
@@ -1,0 +2,5 @@
+Fri Feb 26 08:45:24 UTC 2021 - Marcus Meissner
+
+- remove redhat conflict.
+
+---
Other differences:
--
++ scap-security-guide.spec ++
--- /var/tmp/diff_new_pack.j7C7zf/_old 2021-02-26 22:00:09.323857915 +0100
+++ /var/tmp/diff_new_pack.j7C7zf/_new 2021-02-26 22:00:09.327857919 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package openscap-content-stig
+# spec file for package scap-security-guide
#
-# Copyright (c) 2018 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,9 +12,10 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
+
%if ! (0%{?fedora} || 0%{?rhel} > 5)
%if "%{_vendor}" == "debbuild"
%global __python /usr/bin/python3
@@ -43,14 +44,12 @@
Name: scap-security-guide
Version: 0.1.54
Release: 0
-License: BSD-3-Clause
Summary: XCCDF files for SUSE Linux and openSUSE
-Url: https://github.com/ComplianceAsCode/content
+License:BSD-3-Clause
+Group: Productivity/Security
+URL:https://github.com/ComplianceAsCode/content
%if "%{_vendor}" == "debbuild"
-Packager: Uyuni packagers
-Group: admin
%else
-Group: Productivity/Security
%endif
Source:
https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
BuildRequires: cmake
@@ -58,8 +57,8 @@
%if "%{_vendor}" == "debbuild"
%{!?_licensedir:%global license %%doc}
BuildRequires: libopenscap8
-BuildRequires: libxslt1.1
BuildRequires: libxml2-utils
+BuildRequires: libxslt1.1
BuildRequires: xsltproc
%else
BuildRequires: libxslt
@@ -102,8 +101,8 @@
%endif
%endif
-BuildRequires: libxml2
BuildRequires: expat
+BuildRequires: libxml2
# not on SLES currently
%if 0%{?is_opensuse} || 0%{?fedora} || "%{_vendor}" == "debbuild"
BuildRequires: ansible
@@ -120,8 +119,8 @@
files to run a compliance test on SLE12, SLE15 and openSUSE
%package redhat
-Conflicts: scap-security-guide
Summary: XCCDF files for RHEL, CentOS, Fedora and ScientificLinux
+Group: Productivity/Security
%description redhat
Security Content Automation Protocol (SCAP) Security Guide for
Redhat/Fedora/CentOS/OracleLinux/ScientificLinux.
@@ -133,6 +132,7 @@
%package debian
Summary: XCCDF files for Debian
+Group: Productivity/Security
%description debian
Security Content Automation Protocol (SCAP) Security Guide for Debian.
@@ -144,6 +144,7 @@
%package ubuntu
Summary: XCCDF files for Ubuntu
+Group: Productivity/Security
%description ubuntu
Security Content Automation Protocol (SCAP) Security Guide for Ubuntu.
@@ -256,7 +257,6 @@
%{_datadir}/xml/scap/ssg/content/*-centos*
%{_datadir}/xml/scap/ssg/content/*-sl7*
-
%files debian
%if "%{_vendor}" != "debbuild"
%license LICENSE
