Hello community, here is the log from the commit of package openscap for openSUSE:Leap:15.2 checked in at 2020-04-30 18:53:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/openscap (Old) and /work/SRC/openSUSE:Leap:15.2/.openscap.new.2738 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "openscap" Thu Apr 30 18:53:07 2020 rev:33 rq:799261 version:1.3.2 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/openscap/openscap.changes 2020-01-15 15:37:04.731013117 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.openscap.new.2738/openscap.changes 2020-04-30 18:53:57.956918547 +0200 @@ -1,0 +2,83 @@ +Wed Mar 25 13:53:51 UTC 2020 - Christophe Giboudeaux <christophe@krop.fr> + +- Add upstream patch to fix the scap-workbench build: + * 0001-Do-not-use-C-keyword-operator-as-a-function-paramete.patch + +------------------------------------------------------------------- +Tue Jan 14 13:43:11 UTC 2020 - Marcus Meissner <meissner@suse.com> + +- switch back to official release +- openscap 1.3.2 + - the test suite and build scripts were improved to support Debian 10 + - offline mode has received some love with a set of dedicated tests and various fixes in OVAL probes; + - the oscap-docker wrapper is no longer dependent on Atomic + - Python binding are now more robust + - HTML reports and guides, generated by the scanner, are now more accessible for non-visual rendering agents + - Support of multi-check rules has been improved across the whole workflow + + There are other changes as well, here is the list: + * New features + - Offline mode support for environmentvariable58 probe + - The oscap-docker wrapper is available without Atomic + + + Maintenance, bug fixes + - Improved support of multi-check rules (report, remediations, console output) + - Improved HTML report look and feel, including printed version + - Less clutter in verbose mode output; some warnings and errors demoted to verbose mode levels + - Probe rpmverifyfile uses and returns canonical paths + - Improved a11y of HTML reports and guides + - Fixes and improvements for SWIG Python bindings + - #1403 fixed: Scanner would not apply remediation for multicheck rules (verbosity) + - Fixed URL link mechanism for Red Hat Errata + - New STIG Viewer URI: public.cyber.mil + - Probe selinuxsecuritycontext would not check if SELinux is enabled + - Scanner would provide information about unsupported OVAL objects + - Added more tests for offline mode (probes, remediation) + - #528 fixed: Eval SCE script when /tmp is in mode noexec + - #1173, RHBZ#1603347 fixed: Double chdir/chroot in probe rpmverifypackage + +------------------------------------------------------------------- +Sat Jan 11 17:24:21 UTC 2020 - Marcus Meissner <meissner@suse.com> + +- temporary openscap 1.3.1 git snapshot + - make it build with new RPM (bsc#1160720) + +------------------------------------------------------------------- +Sat Jan 11 09:01:49 UTC 2020 - Marcus Meissner <meissner@suse.com> + +- use distribution-release instead of dummy-release + +------------------------------------------------------------------- +Thu Jun 13 14:22:06 UTC 2019 - Robert Frohl <rfrohl@suse.com> + +- openscap 1.3.1 + - New features + - Support for SCAP 1.3 Source Datastreams (evaluating, XML schemas, validation) + - Introduced `oscap-podman` -- a tool for SCAP evaluation of Podman images and containers + - Tailoring files are included in ARF result files + - OVAL details are always shown in HTML report, users do not have to provide `--oval-results` on command line + - HTML report displays OVAL test details also for OVAL tests included from other OVAL definitions using `extend_definition` + - OVAL test IDs are shown in HTML report - Rule IDs are shown in HTML guide + - Added `block_size` in Linux `partition_state` defined in OVAL 5.11.2 + - Added `oscap_wrapper` that can be used to comfortably execute custom compiled oscap tool + - Maintenance and bug fixes + for a complete list please see https://github.com/OpenSCAP/openscap/releases/tag/1.3.1 +- removed patches accepted upstream: + rpmverifyfile_unittest.patch rpmverify_unittest.patch sysctl_unittest.patch + test_probes_rpmverifypackage-disable-epoch-test.patch xinetd_probe.patch + +------------------------------------------------------------------- +Tue Mar 26 13:55:18 UTC 2019 - Robert Frohl <rfrohl@suse.com> + +- obsolete removed packages: openscap-engine-sce and openscap-extra-probes + +------------------------------------------------------------------- +Mon Mar 25 18:54:37 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com> + +- Drop gconf2-devel BuildRequires: It is not mandatory, so lets + build without this obsolete package. +- Add pkgconfig(glib-2.0) and pkgconfig(gobject-2.0) BuildRequires: + They are also optional, but not obsolete, and previously pulled + in via gconf2-devel dependency, so lets build support for them. + +------------------------------------------------------------------- Old: ---- 1.3.0.tar.gz rpmverify_unittest.patch rpmverifyfile_unittest.patch sysctl_unittest.patch test_probes_rpmverifypackage-disable-epoch-test.patch xinetd_probe.patch New: ---- 0001-Do-not-use-C-keyword-operator-as-a-function-paramete.patch 1.3.2.tar.gz _service ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openscap.spec ++++++ --- /var/tmp/diff_new_pack.DEtgvZ/_old 2020-04-30 18:53:58.760920246 +0200 +++ /var/tmp/diff_new_pack.DEtgvZ/_new 2020-04-30 18:53:58.764920254 +0200 @@ -1,7 +1,7 @@ # # spec file for package openscap # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -25,25 +25,23 @@ %define with_bindings 0 Name: openscap -Version: 1.3.0 -Release: 1.0 +Version: 1.3.2 +Release: 0 Source: https://github.com/OpenSCAP/openscap/archive/%{version}.tar.gz +# temp snapshot to make it build with new RPM before 1.3.2 +#Source: openscap-%version.tar.bz2 Source1: openscap-rpmlintrc Source2: sysconfig.oscap-scan -# SUSE specific profile, based on yast2-security -# checks. +# SUSE specific profile, based on yast2-security checks. # Generated from http://gitorious.org/test-suite/scap Source3: scap-yast2sec-xccdf.xml Source4: scap-yast2sec-oval.xml Source5: oscap-scan.service Source6: oscap-scan.sh Patch0: openscap-new-suse.patch -Patch1: xinetd_probe.patch -Patch2: test_probes_rpmverifypackage-disable-epoch-test.patch -Patch3: sysctl_unittest.patch -Patch4: rpmverifyfile_unittest.patch -Patch5: rpmverify_unittest.patch -Url: http://www.open-scap.org/ +# PATCH-FIX-UPSTREAM +Patch1: 0001-Do-not-use-C-keyword-operator-as-a-function-paramete.patch +Url: https://www.open-scap.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: asciidoc BuildRequires: doxygen @@ -51,7 +49,7 @@ %if !0%{?is_opensuse} && 0%{?sle_version} < 130000 BuildRequires: sles-release %else -BuildRequires: dummy-release +BuildRequires: distribution-release %endif BuildRequires: libacl-devel BuildRequires: libattr-devel @@ -62,7 +60,6 @@ # Use package name cause of "have choice for perl(XML::Parser): brp-check-suse perl-XML-Parser" BuildRequires: cmake BuildRequires: gcc-c++ -BuildRequires: gconf2-devel BuildRequires: libblkid-devel BuildRequires: libcap-devel BuildRequires: libselinux-devel @@ -81,10 +78,15 @@ BuildRequires: sendmail BuildRequires: swig BuildRequires: unixODBC-devel +BuildRequires: pkgconfig(glib-2.0) +BuildRequires: pkgconfig(gobject-2.0) Summary: A Set of Libraries for Integration with SCAP License: LGPL-2.1-or-later Group: Development/Tools/Other BuildRequires: systemd-rpm-macros +# remove extra packages from version 1.2.9 and older +Obsoletes: openscap-engine-sce < %{version} +Obsoletes: openscap-extra-probes < %{version} %description OpenSCAP is a set of open source libraries providing an easier path for @@ -173,10 +175,6 @@ %setup -q %patch0 -p1 %patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 %build %if 0%{?with_bindings} @@ -296,6 +294,8 @@ %{_bindir}/oscap-ssh %{_bindir}/oscap-chroot %{_bindir}/scap-as-rpm +%{_bindir}/oscap-podman +%{_bindir}/oscap-run-sce-script %{_sbindir}/rcoscap-scan %{_datadir}/bash-completion/completions/* ++++++ 0001-Do-not-use-C-keyword-operator-as-a-function-paramete.patch ++++++
From 0ba7c9423f64a88ceef50318f1a382059484f737 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com> Date: Wed, 15 Jan 2020 13:54:45 +0100 Subject: [PATCH] Do not use C++ keyword operator as a function parameter name MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
This fixes SCAP Workbench build. Addressing: [ 37%] Building CXX object CMakeFiles/scap-workbench.dir/scap-workbench_autogen/mocs_compilation.cpp.o In file included from /usr/local/include/openscap/xccdf_policy.h:39, from /home/jcerny/work/git/scap-workbench/include/TailoringDockWidgets.h:31, from /home/jcerny/work/git/scap-workbench/build/scap-workbench_autogen/6YEA5652QU/moc_TailoringDockWidgets.cpp:10, from /home/jcerny/work/git/scap-workbench/build/scap-workbench_autogen/mocs_compilation.cpp:18: /usr/local/include/openscap/oval_definitions.h:1676:117: error: declaration of ‘operator,’ as parameter 1676 | restriction *oval_variable_possible_restriction_new(oval_operator_t operator, const char *hint); | ^ Fixes: #1462 --- src/OVAL/public/oval_definitions.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/OVAL/public/oval_definitions.h b/src/OVAL/public/oval_definitions.h index ea9d3aaf8..b5fe77154 100644 --- a/src/OVAL/public/oval_definitions.h +++ b/src/OVAL/public/oval_definitions.h @@ -1669,7 +1669,7 @@ OSCAP_API void oval_variable_possible_value_iterator_free(struct oval_variable_p * @param hint A short description of what the value means or represents. * @memberof oval_variable_possible_restriction */ -OSCAP_API struct oval_variable_possible_restriction *oval_variable_possible_restriction_new(oval_operator_t operator, const char *hint); +OSCAP_API struct oval_variable_possible_restriction *oval_variable_possible_restriction_new(oval_operator_t, const char *); /** -- 2.25.1 ++++++ 1.3.0.tar.gz -> 1.3.2.tar.gz ++++++ /work/SRC/openSUSE:Leap:15.2/openscap/1.3.0.tar.gz /work/SRC/openSUSE:Leap:15.2/.openscap.new.2738/1.3.2.tar.gz differ: char 12, line 1 ++++++ _service ++++++ <services> <service name="tar_scm" mode="disabled"> <param name="url">https://github.com/openscap/openscap.git</param> <param name="scm">git</param> <param name="revision">maint-1.3</param> <param name="versionformat">@PARENT_TAG@+git.%cd</param> </service> <service name="recompress" mode="disabled"> <param name="file">*.tar</param> <param name="compression">bz2</param> </service> <service mode="disabled" name="set_version"/> </services>