| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: openscap-content | Distribution: openSUSE Tumbleweed |
| Version: 1.4.1 | Vendor: openSUSE |
| Release: 1.2 | Build date: Wed Jan 8 17:49:37 2025 |
| Group: System/Monitoring | Build host: reproducible |
| Size: 56874 | Source RPM: openscap-1.4.1-1.2.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://www.open-scap.org/ | |
| Summary: SCAP content | |
SCAP content for Fedora delivered by Open-SCAP project.
LGPL-2.1-or-later
* Wed Jan 08 2025 Alexander Bergmann <abergmann@suse.com>
- update to 1.4.1:
* New features
- Introduce "oscap-im" - script that can be used in Containerfiles to build
- hardened bootable container images to run as Image Mode Operating System
Maintenance, bug fix
- Add support for containers with no entrypoint/cmd in "oscap-docker"
- Stop printing useless component reference information in "oscap info"
- Fix missing declaration of PATH_MAX on Solaris
- Fix RPM database path in RPM probes (RHEL-55251, #2151)
- Fix issues reported by OpenScanHub after 1.4.0 release
- Fix failing test probes/filehash58/test_probes_filehash58.sh on s390x
- architecture
- Ensure xlink namespace exists (RHEL-34104)
- Minor fixes in test suite and CI
- update to 1.4.0:
* New features
- Introduce ability to generate Kickstarts for unattended OS installation using the oscap xccdf generate fix --fix-type kickstart command
- Add ability to process multi-profile JSON tailorings by the autotailor tool
* Removed features
- Removed cve, cvss, cvrf modules
- Removed ds submodules sds-compose, sds-add, sds-split, rds-create, rds-split
- Removed --template, --oval-template and --sce-template options from the xccdf generate submodule
- Remove the --skip-valid option (replaced by --skip-validation)
* Maintenance, bug fix
- Advertise path to SSG in remediation scripts
- Remove the option to build with PCRE
- Process CPE AL platforms if CPE dictionary isn't part of data stream
- Disable GConf probe by default (and remove dependencies from docs)
- Disable MD5 and SHA-1 by default
- Remove CPE dictionary
- Fix compiler warnings
- Update User Manual
- Remove SUSE/openSUSE CPE dictionary patches.
* drop 0001-Add-openSUSE-cpe-links.patch
* drop 0002-Add-SUSE-cpe-links.patch
- Set .so version to 33.
* Mon Sep 16 2024 Marcus Meissner <meissner@suse.com>
- disable sendmail buildrequires (seems unused)
- only use distribution-release to make work everywhere
* Sat May 04 2024 Marcus Meissner <meissner@suse.com>
- 0001-Add-openSUSE-cpe-links.patch: added Leap 15.6
* Wed Mar 20 2024 Dan Čermák <dcermak@suse.com>
- Rename oscap-docker to oscap-containers and provide oscap-podman as well
(Relates to jsc#SLE-12852)
* Wed Mar 20 2024 Robert Frohl <rfrohl@suse.com>
- update to 1.3.10:
* New features
- Dump all env. variables that affects the behaviour on INFO log level
- Support Blueprint services customization for masking
- Fix Blueprint template to be self-contained
- Add a refine-rule tailoring ability to autotailor
- Introduce JSON tailoring import option for autotailor
- Select rules based on reference
- Skip certain paths from scanning (controlled via env. variable)
- Introduce a limit of collected items (controlled via env. variable)
* Maintenance, bug fix
- Fix partition probe for PCRE2
- Fix NSS crypto backend
- Wrap Bash snippets in a subshell when generating a fix script
- Improve references in HTML guides and reports
- Update html report with OVAL details
- Rewrite dpkginfo probe without using APT
- Fix incorrect openscap-cpe-oval result filename
- Implement xccdf_session_get_rule_results function in XCCDF session API
- Implement xccdf_session_result_reset function in XCCDF session API
- drop 0005-rename-requires-reqs-for-C-20-compatibility.patch: fixed upstream
* Tue Feb 27 2024 Jaime Marquínez Ferrándiz <jaime.marquinez.ferrandiz@fastmail.net>
- Use the correct documentation's path.
* Thu Sep 21 2023 Andreas Stieger <andreas.stieger@gmx.de>
- update to 1.3.9:
* use PCRE2 library
* Fix offline mode (OVAL/sysctl)
* Fix leak of dpkg cache when dpkginfo_init is called multiple times
* Fix un-expanded variable in xccdf report output
* Fix issues when parsing profiles
* Fix minor problems and resource leaks
* Wed Jun 21 2023 Robert Frohl <rfrohl@suse.com>
- openscap 1.3.8
* New features
- The boot-time remediation service for systemd's Offline Update mode is now disabled by default
- Add offline capabilities to the shadow OVAL probe
- Add offline capabilities to the sysctl OVAL probe
- Add 'auristorfs' to list of network fileystems
- Add new experimental linux-bound fwupdsecattr probe for system firmware security attributes (fwupd-based)
* Maintenance, bug fix
- Use ListUnitFiles D-Bus method to fetch all units in systemd OVAL probe
- Fix minor resource leaks
* Wed Mar 29 2023 Marcus Meissner <meissner@suse.com>
- remove _service confusion, we use final tarballs.
* Tue Mar 28 2023 kkaempf@suse.com
- Update to version 1.3.7:
* openscap-1.3.7
* Bump soname from 25.5.0 to 25.5.1
* Bump version to openscap-1.3.7
* Fix typos in docs
* Remove a check for suspicious files
* Add debian_evr_string tests to CMakeLists
* Add a few unittests for debian_evr_string
* Remove To be done
* Move release guide to upstream
- add 0005-rename-requires-reqs-for-C-20-compatibility.patch
- rename patches
openscap-opensuse-cpe.patch to 0001-Add-openSUSE-cpe-links.patch
openscap-suse-cpe.patch to 0002-Add-SUSE-cpe-links.patch
openscap-docker-add-suse.patch to 0003-Use-openSUSE-SUSE-cpe-links.patch
oscap-remediate.service.in.patch to 0004-oscap-remediate-is-located-in-bindir.patch
- drop 0001-Use-correct-includes.patch (upstream)
* Mon Jan 23 2023 Thorsten Kukuk <kukuk@suse.com>
- Require systemd for building, was pulled in before by indirect
dependencies which don't exist anymore
* Thu Jan 19 2023 Marcus Meissner <meissner@suse.com>
- 0001-Use-correct-includes.patch: fixed build with rpm 4.18
* Wed Sep 21 2022 Dirk Müller <dmueller@suse.com>
- require shared library in the same version or newer
* Thu Sep 15 2022 Marcus Meissner <meissner@suse.com>
- added Leap 15.4 and 15.5 dictionary entries. (bsc#1203408)
* Sat Feb 19 2022 Bjørn Lie <bjorn.lie@gmail.com>
- Conditionally drop optional gconf2-devel BuildRequires for
openSUSE Tumbleweed and newer: gconf2 is being droppped from
openSUSE Tumbleweed, build without gconf2 support.
* Thu Jan 20 2022 Robert Frohl <rfrohl@suse.com>
- openscap 1.3.6
* New features
- Select and exclude groups of rules on the command line
- The boot-time remediation service for systemd's Offline Update mode
- Memory limit control using OSCAP_PROBE_MEMORY_USAGE_RATIO environment variable
- Allow disablement of SHA-1 and MD5
- Allow providing pre-downloaded components
- Introduce OSBuild Blueprint fix type
* Maintenance, bug fix
- Fix coverity issues
- Patch the `segfault` in dpkginfo_fini()
- Add an alternative source of hostname
- Fail download on HTTP errors
- Compile "environmentvariable_probe" on Windows
- FreeBSD build and test fixes
- Add offline mode for password probe
- Initialize crypto API only once
- Fix UBI 9 scan
- oval/yamlfilecontent: Add 'null' values handling
- Do not set Rpath
- Do not split `XCCDF:requires` with multiple `idrefs`
- Allow empty /proc in offline mode
- oscap-remediate is shipped via /usr/bin
Added oscap-remediate.service.in.patch
- spec-cleaner run
* Tue Dec 07 2021 Marcus Meissner <meissner@suse.com>
- openscap-docker-add-suse.patch: add SLES support oscap-docker
(bsc#1179314)
* Mon Oct 04 2021 Marcus Meissner <meissner@suse.com>
- ship python3 docker module always
* Thu Aug 19 2021 Steve Kowalik <steven.kowalik@suse.com>
- Since upstream has moved to Python 3, switch the BuildRequires from
python-devel to python3-devel.
* Wed Jul 14 2021 Robert Frohl <rfrohl@suse.com>
- Add definition for tumbleweed to openscap-opensuse-cpe.patch (boo#1186735)
* Wed Jun 02 2021 Robert Frohl <rfrohl@suse.com>
- add old patches - slightly renamed; cpe are needed (boo#1186735)
* openscap-opensuse-cpe.patch
* openscap-suse-cpe.patch
* Fri Apr 23 2021 Robert Frohl <rfrohl@suse.com>
- openscap 1.3.5
* New features
- Made schematron-based validation enabled by default for validate command of oval and xccdf modules
- Added SCAP 1.3 source data stream Schematron
- Added XML Signature Validation
- Added --enforce-signature option for eval, guide, and fix modules
- Added <content> entity support (OVAL/yamlfilecontent)
- Allowed to clamp mtime to SOURCE_DATE_EPOCH
- Added severity and role attributes
- Added support for requires/conflicts elements of the Rule and Group (XCCDF)
- Added Kubernetes remediation to HTML report
* Maintenance, bug fix
- Fixed CMake warnings
- Made 'gpfs', 'proc' and 'sysfs' filesystems non-local
- Fixed handling of '--arg=val'-styled common options
- Documented used environment variables
- Updated man page and help texts
- Added --skip-validation option synonym for --skip-valid
- Fixed behavior of StateType operator
- Fixed some of the coverity warnings
- Ignoring namespace in XPath expressions
- Fixed how oval_probe_ext_eval checks absence of the response from the probe (obtrusive data warning)
- Described SWID tags detection
- Improved documentation about --stig-viewer option
- File probe behaviour fixed (symlink traversal now behaves as defined by OVAL)
- Fixed multiple segfaults and broken test in --stig-viewer feature
- Added dpkg version comparison algorithm
- Pluged some memory leaks
- Fixed TestResult/benchmark/@href attribute
- Fixed memory allocation
- Fixed field names for cases where key selection section is followed by a set section (probes/yamfilecontent)
- Changing hard coded libperl path in favor of FindPerlLibs method
- Check local filesystems when using 'filepath' element
- dropped, because not needed anymore:
* 0001-Fix-memory-allocation.patch
* openscap-new-suse.patch
* openscap-leap-cpe-15.12.patch
/usr/share/openscap/scap-oval.xml /usr/share/openscap/scap-xccdf.xml /usr/share/openscap/scap-yast2sec-oval.xml /usr/share/openscap/scap-yast2sec-xccdf.xml
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Oct 8 23:32:53 2025