File _patchinfo of Package patchinfo.17737

<patchinfo incident="17737">
  <issue tracker="bnc" id="1160720">[Build 20200110] FTBFS openSUSE:Factiry/openscap</issue>
  <issue tracker="bnc" id="1178301">openscap: Missing D-Bus build requirement for systemd OVAL tests</issue>
  <issue tracker="bnc" id="1154380">openscap: missing systemd compile dependency causing "OVAL object not supported" error</issue>
  <issue tracker="bnc" id="1180456">openscap: DISA STIG Viewer URL reference changed</issue>
  <issue tracker="bnc" id="1155258">openscap: new DISA STIG Viewer URI</issue>
  <packager>msmeissn</packager>
  <rating>moderate</rating>
  <category>recommended</category>
  <summary>Recommended update for openscap</summary>
  <description>This update for openscap fixes the following issues:

OpenSCAP was updated to 1.3.4:

- add CPE dict entries for openSUSE Leap 15.1 and 15.2
- add dbus-1-devel buildrequires to enable systemd tests (bsc#1178301)

openscap 1.3.4:

  * New features

    - Add support for FreeBSD
    - Make use of HTTP header content-encoding: gzip if available
    - Improved yamlfilecontent: updated yaml-filter, extend the schema and probe to be able to work with a set of values in maps

  * Maintenance, bug fixes

    - A lot of memory leaks have been plugged
    - Refactored rpmverifyfile probe and fixed memory leak
    - Fixed SEGFAULT caused by recursive and circular dependencies between OVAL definitions
    - Fixed DOM representation of the profile platform
    - Test suit: better portability, more granularity in results, inclusion of memory-related tests
    - Compatibility with uClibc
    - Local and remote file system detection method was improved
    - Make the report a valid HTML5 document
    - openscap: DISA STIG Viewer URL reference changed (bsc#1180456)

openscap 1.3.3:

Notable improvements in this release:

  - a Python script that can be used for CLI tailoring (autotailor) (thank you, Mat&#283;j T&#253;&#269;);
  - timezone for XCCDF TestResult start and end time (thank you, Jan &#268;ern&#253;);
  - new yamlfilecontent independent probe (draft implementation),
    see the proposal https://github.com/OVAL-Community/OVAL/issues/91
    for additional information.

There are other changes as well, here is the list:

  - Introduced `urn:xccdf:fix:script:kubernetes` fix type in XCCDF;
  - Added ability to generate `machineconfig` fix;
  - Detect ambiguous scan target (utils/oscap-podman);
  - Fixed #170: The rpmverifyfile probe can't verify files from '/bin' directory;
  - The data system_info probe return for offline and online modes is consistent and actual;
  - Prevent crashes when complicated regexes are executed in textfilecontent58 probe;
  - Fixed #1512: Severity refinement lost in generated guide;
  - Fixed #1453: Pointer lost in Swig API;
  - Evaluation Characteristics of the XCCDF report are now consistent with OVAL entities;
    from system_info probe;
  - Fixed filepath pattern matching in offline mode in textfilecontent58 probe;
  - Fixed infinite recursion in systemdunitdependency probe;
  - Fixed the case when CMake couldn't find libacl or xattr.h.

openscap 1.3.2:

  - the test suite and build scripts were improved to support Debian 10
  - offline mode has received some love with a set of dedicated tests and various fixes in OVAL probes;
  - the oscap-docker wrapper is no longer dependent on Atomic 
  - Python binding are now more robust 
  - HTML reports and guides, generated by the scanner, are now more accessible for non-visual rendering agents 
  - Support of multi-check rules has been improved across the whole workflow 

  There are other changes as well, here is the list:

  * New features

    - Offline mode support for environmentvariable58 probe
    - The oscap-docker wrapper is available without Atomic

  * Maintenance, bug fixes

    - Improved support of multi-check rules (report, remediations, console output)
    - Improved HTML report look and feel, including printed version
    - Less clutter in verbose mode output; some warnings and errors demoted to verbose mode levels
    - Probe rpmverifyfile uses and returns canonical paths
    - Improved a11y of HTML reports and guides
    - Fixes and improvements for SWIG Python bindings
    - #1403 fixed: Scanner would not apply remediation for multicheck rules (verbosity)
    - Fixed URL link mechanism for Red Hat Errata
    - New STIG Viewer URI: public.cyber.mil
    - Probe selinuxsecuritycontext would not check if SELinux is enabled
    - Scanner would provide information about unsupported OVAL objects
    - Added more tests for offline mode (probes, remediation)
    - #528 fixed: Eval SCE script when /tmp is in mode noexec
    - #1173, RHBZ#1603347 fixed: Double chdir/chroot in probe rpmverifypackage
    - make it build with new RPM  (bsc#1160720)
</description>
</patchinfo>