import openscap-1.3.8-1.el9

1 year ago · ecb5557601
parent 279d18358c
commit ecb5557601
4 changed files with 54 additions and 4 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/openscap-1.3.7.tar.gz
+SOURCES/openscap-1.3.8.tar.gz
--- a/.openscap.metadata
+++ b/.openscap.metadata
@ -1 +1 @@
-238acbe6e18162b54cbdd0083c52511c00faa268 SOURCES/openscap-1.3.7.tar.gz
+1d1370ea1c4ada69eb4cd591bd4f411bd7a19a1a SOURCES/openscap-1.3.8.tar.gz
--- a/SOURCES/openscap-1.3.9-PR-1996-fix-sysctl-offline.patch
+++ b/SOURCES/openscap-1.3.9-PR-1996-fix-sysctl-offline.patch
@ -0,0 +1,45 @@
 From 299e344b245e8d1b3a31a58275e0e8d0aa01ed77 Mon Sep 17 00:00:00 2001
 From: Evgeny Kolesnikov <ekolesni@redhat.com>
 Date: Sat, 8 Jul 2023 07:05:31 +0200
 Subject: [PATCH] OVAL/sysctl: Fix offline mode
 The initial implementation was buggy: after correctly traversing
 prefixed PREFIX/proc/sys directory tree it would incorrectly read
 the data from the non-prefixed directory tree.
 ---
 src/OVAL/probes/unix/sysctl_probe.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)
 diff --git a/src/OVAL/probes/unix/sysctl_probe.c b/src/OVAL/probes/unix/sysctl_probe.c
 index 65d4bd0609..b7c68a0378 100644
 --- a/src/OVAL/probes/unix/sysctl_probe.c
 +++ b/src/OVAL/probes/unix/sysctl_probe.c
@@ -150,10 +150,14 @@ int sysctl_probe_main(probe_ctx *ctx, void *probe_arg)
         while ((ofts_ent = oval_fts_read(ofts)) != NULL) {
                 SEXP_t *se_mib;
                 char    mibpath[PATH_MAX], *mib;
 -                size_t  miblen;
 +                size_t  miblen, mibstart;
                 struct stat file_stat;
 -                snprintf(mibpath, sizeof mibpath, "%s/%s", ofts_ent->path, ofts_ent->file);
 +                if (prefix != NULL) {
 +                        snprintf(mibpath, sizeof mibpath, "%s/%s/%s", prefix, ofts_ent->path, ofts_ent->file);
 +                } else {
 +                        snprintf(mibpath, sizeof mibpath, "%s/%s", ofts_ent->path, ofts_ent->file);
 +                }
                 /* Skip write-only files, eg. /proc/sys/net/ipv4/route/flush */
                 if (stat(mibpath, &file_stat) == -1) {
@@ -168,7 +172,10 @@ int sysctl_probe_main(probe_ctx *ctx, void *probe_arg)
                         continue;
                 }
 -                mib    = strdup(mibpath + strlen(PROC_SYS_DIR) + 1);
 +                mibstart = 0;
 +                mibstart += prefix != NULL ? strlen(prefix)+1 : 0;
 +                mibstart += strlen(PROC_SYS_DIR)+1;
 +                mib    = strdup(mibpath + mibstart);
                 miblen = strlen(mib);
                 while (miblen > 0) {
--- a/SPECS/openscap.spec
+++ b/SPECS/openscap.spec
@ -1,11 +1,12 @@
 Name:           openscap
-Version:        1.3.7
+Version:        1.3.8
 Release:        1%{?dist}
 Epoch:          1
 Summary:        Set of open source libraries enabling integration of the SCAP line of standards
 License:        LGPLv2+
 URL:            http://www.open-scap.org/
 Source0:        https://github.com/OpenSCAP/%{name}/releases/download/%{version}/%{name}-%{version}.tar.gz
 Patch0:         openscap-1.3.9-PR-1996-fix-sysctl-offline.patch
 BuildRequires:  make
 BuildRequires:  cmake >= 2.6
 BuildRequires:  gcc
@ -197,7 +198,11 @@ pathfix.py -i %{__python3} -p -n $RPM_BUILD_ROOT%{_bindir}/scap-as-rpm
 %{_bindir}/oscap-run-sce-script
 %changelog
-* Fri Apr 14 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 1.3.7-1
+* Fri Jul 14 2023 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.8-1
 - Upgrade to the latest upstream release (rhbz#2217442)
 - Fix systemd* probes unit enumeration (rhbz#2219532)
 * Fri Apr 14 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 1:1.3.7-1
 - Rebuilt for MSVSphere 9.2 beta
 * Fri Jan 27 2023 Jan Černý <jcerny@redhat.com> - 1:1.3.7-1
`@ -1 +1 @@`
	`SOURCES/openscap-1.3.7.tar.gz`	`SOURCES/openscap-1.3.8.tar.gz`
`@ -1 +1 @@`
	`238acbe6e18162b54cbdd0083c52511c00faa268 SOURCES/openscap-1.3.7.tar.gz`	`1d1370ea1c4ada69eb4cd591bd4f411bd7a19a1a SOURCES/openscap-1.3.8.tar.gz`