b873de1
# SSG build system and tests count with build directory name `build`.
b873de1
# For more details see:
b873de1
# https://fedoraproject.org/wiki/Changes/CMake_to_do_out-of-source_builds
b873de1
%global _vpath_builddir build
b873de1
426d6a0
Name:		scap-security-guide
e588252
Version:	0.1.64
13c5eb8
Release:	1%{?dist}
426d6a0
Summary:	Security guidance and baselines in SCAP formats
64a2d8e
License:	BSD
ab2790c
URL:		https://github.com/ComplianceAsCode/content/
ab2790c
Source0:	https://github.com/ComplianceAsCode/content/releases/download/v%{version}/scap-security-guide-%{version}.tar.bz2
426d6a0
BuildArch:	noarch
Martin Preisler 3a4ccfa
b0f0052
BuildRequires:	libxslt
b0f0052
BuildRequires:	expat
b0f0052
BuildRequires:	openscap-scanner >= 1.2.5
b0f0052
BuildRequires:	cmake >= 2.8
1e1397c
# To get python3 inside the buildroot require its path explicitly in BuildRequires
1e1397c
BuildRequires: /usr/bin/python3
b0f0052
BuildRequires:	python%{python3_pkgversion}
b0f0052
BuildRequires:	python%{python3_pkgversion}-jinja2
b0f0052
BuildRequires:	python%{python3_pkgversion}-PyYAML
7448413
BuildRequires:	python%{python3_pkgversion}-setuptools
Martin Preisler 3a4ccfa
Requires:	xml-common, openscap-scanner >= 1.2.5
426d6a0
426d6a0
%description
426d6a0
The scap-security-guide project provides a guide for configuration of the
426d6a0
system from the final system's security point of view. The guidance is specified
426d6a0
in the Security Content Automation Protocol (SCAP) format and constitutes
426d6a0
a catalog of practical hardening advice, linked to government requirements
426d6a0
where applicable. The project bridges the gap between generalized policy
1e1397c
requirements and specific implementation guidelines. The system
6d9587a
administrator can use the oscap CLI tool from openscap-scanner package, or the
426d6a0
scap-workbench GUI tool from scap-workbench package to verify that the system
426d6a0
conforms to provided guideline. Refer to scap-security-guide(8) manual page for
426d6a0
further information.
426d6a0
ffb3d08
%package	doc
0d4d055
Summary:	HTML formatted security guides generated from XCCDF benchmarks
ffb3d08
Requires:	%{name} = %{version}-%{release}
ffb3d08
ffb3d08
%description	doc
ffb3d08
The %{name}-doc package contains HTML formatted documents containing
ffb3d08
hardening guidances that have been generated from XCCDF benchmarks
ffb3d08
present in %{name} package.
ffb3d08
1a4066d
%if ( %{defined rhel} && (! %{defined centos}) )
1a4066d
%package	rule-playbooks
1a4066d
Summary:	Ansible playbooks per each rule.
1a4066d
Group:		System Environment/Base
1a4066d
Requires:	%{name} = %{version}-%{release}
1a4066d
1a4066d
%description	rule-playbooks
1a4066d
The %{name}-rule-playbooks package contains individual ansible playbooks per rule.
1a4066d
%endif
1a4066d
426d6a0
%prep
2930a64
%autosetup -p1
426d6a0
2930a64
%define cmake_defines_common -DSSG_SEPARATE_SCAP_FILES_ENABLED=OFF -DSSG_BASH_SCRIPTS_ENABLED=OFF -DSSG_BUILD_SCAP_12_DS=OFF
2930a64
%define cmake_defines_specific %{nil}
1e1397c
%if 0%{?rhel}
1a4066d
%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_RHEL%{rhel}:BOOLEAN=TRUE -DSSG_SCIENTIFIC_LINUX_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_ANSIBLE_PLAYBOOKS_PER_RULE_ENABLED:BOOL=ON
1a4066d
%endif
1a4066d
%if 0%{?centos}
1a4066d
%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_RHEL%{centos}:BOOLEAN=TRUE -DSSG_SCIENTIFIC_LINUX_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=ON
1e1397c
%endif
1e1397c
1e1397c
mkdir -p build
426d6a0
%build
2930a64
%cmake %{cmake_defines_common} %{cmake_defines_specific}
e4c3512
%cmake_build
426d6a0
426d6a0
%install
e4c3512
%cmake_install
2930a64
rm %{buildroot}/%{_docdir}/%{name}/README.md
2930a64
rm %{buildroot}/%{_docdir}/%{name}/Contributors.md
ffb3d08
426d6a0
%files
Martin Preisler 3a4ccfa
%{_datadir}/xml/scap/ssg/content
3f797b1
%{_datadir}/%{name}/kickstart
2930a64
%{_datadir}/%{name}/ansible/*.yml
500fdac
%{_datadir}/%{name}/tailoring
Martin Preisler 3a4ccfa
%lang(en) %{_mandir}/man8/scap-security-guide.8.*
ffb3d08
%doc %{_docdir}/%{name}/LICENSE
1a4066d
%if ( %{defined rhel} && (! %{defined centos}) )
1a4066d
%exclude %{_datadir}/%{name}/ansible/rule_playbooks
1a4066d
%endif
426d6a0
ffb3d08
%files doc
ffb3d08
%doc %{_docdir}/%{name}/guides/*.html
c6b8585
%doc %{_docdir}/%{name}/tables/*.html
fda0ca8
1a4066d
%if ( %{defined rhel} && (! %{defined centos}) )
1a4066d
%files rule-playbooks
1a4066d
%defattr(-,root,root,-)
1a4066d
%{_datadir}/%{name}/ansible/rule_playbooks
1a4066d
%endif
1a4066d
426d6a0
%changelog
e588252
* Tue Oct 04 2022 Watson Sato <wsato@redhat.com> - 0.1.64-1
e588252
- Update to latest upstream SCAP-Security-Guide-0.1.64 release:
e588252
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.64
e588252
13c5eb8
* Mon Aug 01 2022 Watson Sato <wsato@redhat.com> - 0.1.63-1
13c5eb8
- Update to latest upstream SCAP-Security-Guide-0.1.63 release:
13c5eb8
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.63
13c5eb8
192107c
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.62-3
192107c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
192107c
c64d08d
* Thu Jun 09 2022 Vojtech Polasek <vpolasek@redhat.com> - 0.1.62-2
c64d08d
- rebuild, the release did not get propagated into rawhide
c64d08d
2500d55
* Mon May 30 2022 Vojtech Polasek <vpolasek@redhat.com> - 0.1.62-1
2500d55
- Update to latest upstream SCAP-Security-Guide-0.1.62 release:
2500d55
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.62
2500d55
7448413
* Wed May 04 2022 Watson Sato <wsato@redhat.com> - 0.1.61-1
7448413
- Update to latest upstream SCAP-Security-Guide-0.1.61 release:
7448413
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.61
7448413
538e9e4
* Fri Jan 28 2022 Watson Sato <wsato@redhat.com> - 0.1.60-1
538e9e4
- Update to latest upstream SCAP-Security-Guide-0.1.60 release:
538e9e4
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.60
538e9e4
cd4c51a
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.59-2
cd4c51a
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
cd4c51a
500fdac
* Wed Dec 01 2021 Watson Sato <wsato@redhat.com> - 0.1.59-1
500fdac
- Update to latest upstream SCAP-Security-Guide-0.1.59 release:
500fdac
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.59
9321395
- Fix loading of jinja files
500fdac
64a2d8e
* Thu Sep 30 2021 Watson Sato <wsato@redhat.com> - 0.1.58-1
64a2d8e
- Update to latest upstream SCAP-Security-Guide-0.1.58 release:
64a2d8e
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.58
64a2d8e
- Fix license warning.
64a2d8e
1a4066d
* Thu Jul 29 2021 Matej Tyc <matyc@redhat.com> - 0.1.57-1
1a4066d
- Update to latest upstream SCAP-Security-Guide-0.1.57 release:
1a4066d
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.57
1a4066d
a4377de
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.56-3
a4377de
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
a4377de
2930a64
* Tue Jun 08 2021 Matej Tyc <matyc@redhat.com> - 0.1.56-2
2930a64
- Updated the packaging according to the RHEL development trends.
2930a64
- Don't ship 1.2 datastreams and Bash remediations.
2930a64
- Clean up dependencies and other package metadata.
2930a64
- Change the RHEL target.
2930a64
facca30
* Wed May 26 2021 Vojtech Polasek <vpolasek@redhat.com> - 0.1.56-1
facca30
- Update to latest upstream SCAP-Security-Guide-0.1.56 release:
facca30
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.56
facca30
d1eedd2
* Fri Mar 19 2021 Vojtech Polasek <vpolasek@redhat.com> - 0.1.55-2
d1eedd2
- rebuilt
d1eedd2
e0b27dc
* Fri Mar 19 2021 Vojtech Polasek <vpolasek@redhat.com> - 0.1.55-1
e0b27dc
- Update to latest upstream SCAP-Security-Guide-0.1.55 release:
e0b27dc
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.55
e0b27dc
1e1397c
* Fri Feb 12 2021 Matej Tyc <matyc@redhat.com> - 0.1.54-3
1e1397c
- Moved the spec file closer to the RHEL one.
1e1397c
893d396
* Fri Feb 12 2021 Vojtech Polasek <vpolasek@redhat.com> - 0.1.54-2
893d396
- fix definition of build directory
893d396
87cd170
* Fri Feb 05 2021 Vojtech Polasek <vpolasek@redhat.com> - 0.1.54-1
87cd170
- Update to latest upstream SCAP-Security-Guide-0.1.54 release:
87cd170
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.54
87cd170
439bd0b
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.53-2
439bd0b
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
439bd0b
2f106e4
* Mon Nov 16 2020 Vojtech Polasek <vpolasek@redhat.com> - 0.1.53-1
2f106e4
- Update to latest upstream SCAP-Security-Guide-0.1.53 release:
2f106e4
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.53
2f106e4
e4c3512
* Wed Sep 23 2020 Vojtech Polasek <vpolasek@redhat.com> - 0.1.52-3
e4c3512
- revert previous rework, it did not solve the problem
e4c3512
20f142c
* Wed Sep 23 2020 Vojtech Polasek <vpolasek@redhat.com> - 0.1.52-2
20f142c
- rewrite solution for CMake out of source builds
20f142c
4f696fc
* Mon Sep 21 2020 Vojtech Polasek <vpolasek@redhat.com> - 0.1.52-1
4f696fc
- Update to latest upstream SCAP-Security-Guide-0.1.52 release:
4f696fc
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.52
4f696fc
53abd55
* Tue Aug 04 2020 Jan Černý <jcerny@redhat.com> - 0.1.51-4
53abd55
- Update for new CMake out of source builds
53abd55
  https://fedoraproject.org/wiki/Changes/CMake_to_do_out-of-source_builds
53abd55
- Fix FTBS in Rawhide/F33 (RHBZ#1863741)
53abd55
d119e01
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.51-3
d119e01
- Second attempt - Rebuilt for
d119e01
  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
d119e01
41cc615
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.51-2
41cc615
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
41cc615
ec69b1e
* Fri Jul 17 2020 Vojtech Polasek <vpolasek@redhat.com> - 0.1.51-1
ec69b1e
- Update to latest upstream SCAP-Security-Guide-0.1.51 release:
ec69b1e
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.51
ec69b1e
e703fce
* Mon Mar 23 2020 Watson Sato <wsato@redhat.com> - 0.1.49-1
e703fce
- Update to latest upstream SCAP-Security-Guide-0.1.49 release:
e703fce
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.49
e703fce
81a4c4a
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.48-2
81a4c4a
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
81a4c4a
20a28d3
* Thu Jan 16 2020 Watson Sato <wsato@redhat.com> - 0.1.48-1
20a28d3
- Update to latest upstream SCAP-Security-Guide-0.1.48 release:
20a28d3
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.48
20a28d3
c66c409
* Mon Dec 09 2019 Matěj Týč <matyc@redhat.com> - 0.1.47-2
c66c409
- Hotfix of the XML parsing fix.
0de9f5a
0de9f5a
* Mon Dec 09 2019 Matěj Týč <matyc@redhat.com> - 0.1.47-1
0de9f5a
- Update to latest upstream SCAP-Security-Guide-0.1.47 release:
0de9f5a
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.47
0de9f5a
- Fixed XML parsing of remediation functions.
0de9f5a
9b2b46f
* Mon Jul 29 2019 Watson Sato <wsato@redhat.com> - 0.1.45-1
9b2b46f
- Update to latest upstream SCAP-Security-Guide-0.1.45 release:
9b2b46f
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.45
9b2b46f
d109f3f
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.44-2
d109f3f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
d109f3f
e4fecb2
* Mon May 06 2019 Watson Yuuma Sato <wsato@redhat.com> - 0.1.44-1
e4fecb2
- Update to latest upstream SCAP-Security-Guide-0.1.44 release:
e4fecb2
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.44
e4fecb2
ab2790c
* Fri Feb 22 2019 Watson Yuuma Sato <wsato@redhat.com> - 0.1.43-1
ab2790c
- Update to latest upstream SCAP-Security-Guide-0.1.43 release:
ab2790c
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.43
ab2790c
- Update URL and source URL
ab2790c
29a9c19
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.42-2
29a9c19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
29a9c19
a4703bf
* Wed Dec 12 2018 Watson Yuuma Sato <wsato@redhat.com> - 0.1.42-1
a4703bf
- Update to latest upstream SCAP-Security-Guide-0.1.42 release:
a4703bf
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.42
5781d0c
- Fix man page build dependency on derivative content
a4703bf
8649d09
* Mon Oct 01 2018 Watson Yuuma Sato <wsato@redhat.com> - 0.1.41-1
8649d09
- Update to latest upstream SCAP-Security-Guide-0.1.41 release:
8649d09
  https://github.com/ComplianceAsCode/content/releases/tag/v0.1.41
b954eaa
- Fix Licence of this package
8649d09
9e09b6e
* Wed Jul 25 2018 Matěj Týč <matyc@redhat.com> - 0.1.40-1
9e09b6e
- Update to latest upstream SCAP-Security-Guide-0.1.40 release:
9e09b6e
  https://github.com/OpenSCAP/scap-security-guide/releases/tag/v0.1.40
9e09b6e
- Update to use Python3 for build.
9e09b6e
183c53a
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.39-3
183c53a
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
183c53a
94e9092
* Fri May 04 2018 Watson Yuuma Sato <wsato@redhat.com> - 0.1.39-2
94e9092
- Add python version to python2-jinja2 package
94e9092
261855b
* Fri May 04 2018 Watson Yuuma Sato <wsato@redhat.com> - 0.1.39-1
261855b
- Update to latest upstream SCAP-Security-Guide-0.1.39 release:
261855b
  https://github.com/OpenSCAP/scap-security-guide/releases/tag/v0.1.39
261855b
c50319a
* Mon Mar 05 2018 Watson Yuuma Sato <wsato@redhat.com> - 0.1.38-2
c50319a
- Add python version to python package prefixes
c50319a
a96810a
* Mon Mar 05 2018 Watson Yuuma Sato <wsato@redhat.com> - 0.1.38-1
a96810a
- Update to latest upstream SCAP-Security-Guide-0.1.38 release:
a96810a
  https://github.com/OpenSCAP/scap-security-guide/releases/tag/v0.1.38
a96810a
a08999d
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.37-2
a08999d
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
a08999d
a4e4c07
* Thu Jan 04 2018 Watson Yuuma Sato <wsato@redhat.com> - 0.1.37-1
a4e4c07
- Update to latest upstream SCAP-Security-Guide-0.1.37 release:
a4e4c07
  https://github.com/OpenSCAP/scap-security-guide/releases/tag/v0.1.37
a4e4c07
c6b8585
* Wed Nov 01 2017 Watson Yuuma Sato <wsato@redhat.com> - 0.1.36-1
c6b8585
- Update to latest upstream SCAP-Security-Guide-0.1.36 release:
c6b8585
  https://github.com/OpenSCAP/scap-security-guide/releases/tag/v0.1.36
c6b8585
5213798
* Tue Aug 29 2017 Watson Sato <wsato@redhat.com> - 0.1.35-1
5213798
- Update to latest upstream SCAP-Security-Guide-0.1.35 release:
5213798
  https://github.com/OpenSCAP/scap-security-guide/releases/tag/v0.1.35
5213798
a0ac4da
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.34-2
a0ac4da
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
a0ac4da
875bc33
* Mon Jul 03 2017 Watson Sato <wsato@redhat.com> - 0.1.34-1
875bc33
- updated to latest upstream release
875bc33
Martin Preisler 0950917
* Mon May 01 2017 Martin Preisler <mpreisle@redhat.com> - 0.1.33-1
Martin Preisler 0950917
- updated to latest upstream release
Martin Preisler 0950917
Martin Preisler 3a4ccfa
* Thu Mar 30 2017 Martin Preisler <mpreisle@redhat.com> - 0.1.32-1
Martin Preisler 3a4ccfa
- updated to latest upstream release
Martin Preisler 3a4ccfa
f939429
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.31-3
f939429
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
f939429
Martin Preisler fdb3a02
* Mon Nov 28 2016 Martin Preisler <mpreisle@redhat.com> - 0.1.31-2
Martin Preisler fdb3a02
- use make_build and make_install RPM macros
Martin Preisler fdb3a02
Martin Preisler d086af7
* Mon Nov 28 2016 Martin Preisler <mpreisle@redhat.com> - 0.1.31-1
Martin Preisler d086af7
- update to the latest upstream release
Martin Preisler d086af7
- new default location for content /usr/share/scap/ssg
Martin Preisler d086af7
- install HTML tables in the doc subpackage
Martin Preisler d086af7
34ff3c5
* Mon Jun 27 2016 Jan iankko Lieskovsky <jlieskov@redhat.com> - 0.1.30-2
34ff3c5
- Correct currently failing parallel SCAP Security Guide build
34ff3c5
3f797b1
* Mon Jun 27 2016 Jan iankko Lieskovsky <jlieskov@redhat.com> - 0.1.30-1
3f797b1
- Update to latest upstream SCAP-Security-Guide-0.1.30 release:
3f797b1
  https://github.com/OpenSCAP/scap-security-guide/releases/tag/v0.1.30
3f797b1
- Drop shell library for remediation functions since it is not required
3f797b1
  starting from 0.1.30 release any more
3f797b1
80673cf
* Thu May 05 2016 Jan iankko Lieskovsky <jlieskov@redhat.com> - 0.1.29-1
80673cf
- Update to latest upstream SCAP-Security-Guide-0.1.29 release:
80673cf
  https://github.com/OpenSCAP/scap-security-guide/releases/tag/v0.1.29
7ab0b3e
- Do not ship Firefox/DISCLAIMER documentation file since it has been removed
7ab0b3e
  in 0.1.29 upstream release
80673cf
f5eee04
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.28-2
f5eee04
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
f5eee04
e81a595
* Wed Jan 20 2016 Šimon Lukašík <slukasik@redhat.com> - 0.1.28-1
e81a595
- upgrade to the latest upstream release
e81a595
aa2799d
* Fri Dec 11 2015 Šimon Lukašík <slukasik@redhat.com> - 0.1.27-1
aa2799d
- update to the latest upstream release
aa2799d
a8b94e9
* Tue Oct 20 2015 Šimon Lukašík <slukasik@redhat.com> - 0.1.26-1
a8b94e9
- update to the latest upstream release
a8b94e9
3a42be4
* Sat Sep 05 2015 Šimon Lukašík <slukasik@redhat.com> - 0.1.25-1
3a42be4
- update to the latest upstream release
3a42be4
ffb3d08
* Thu Jul 09 2015 Šimon Lukašík <slukasik@redhat.com> - 0.1.24-1
ffb3d08
- update to the latest upstream release
ffb3d08
- created doc sub-package to ship all the guides
ffb3d08
- start distributing centos and scientific linux content
ffb3d08
- rename java content to jre
ffb3d08
f43c42b
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.22-2
f43c42b
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
f43c42b
f024d80
* Tue May 05 2015 Šimon Lukašík <slukasik@redhat.com> - 0.1.22-1
f024d80
- update to the latest upstream release
2c625f0
- only DataStream file is now available for Fedora
404d912
- start distributing security baseline for Firefox
404d912
- start distributing security baseline for Java RunTime deployments
f024d80
6b23eba
* Wed Mar 04 2015 Šimon Lukašík <slukasik@redhat.com> - 0.1.21-1
6b23eba
- update to the latest upstream release
e196ca6
- move content to /usr/share/scap/ssg/content
6b23eba
57b107c
* Thu Oct 02 2014 Šimon Lukašík <slukasik@redhat.com> - 0.1.19-1
57b107c
- update to the latest upstream release
57b107c
6d9587a
* Mon Jul 14 2014 Šimon Lukašík <slukasik@redhat.com> - 0.1.5-4
6d9587a
- require only openscap-scanner, not whole openscap-utils package
6d9587a
cdbf042
* Tue Jul 01 2014 Šimon Lukašík <slukasik@redhat.com> - 0.1.5-3
cdbf042
- Rebase the RHEL part of SSG to the latest upstream version (0.1.18)
3075ec2
- Add STIG DISCLAIMER to the shipped documentation
cdbf042
a6ba623
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.5-2
a6ba623
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
a6ba623
4da2b2b
* Thu Feb 27 2014 Jan iankko Lieskovsky <jlieskov@redhat.com> 0.1.5-1
4da2b2b
- Fix fedora-srpm and fedora-rpm Make targets to work again
4da2b2b
- Include RHEL-6 and RHEL-7 datastream files to support remote RHEL system scans
4da2b2b
- EOL for Fedora 18 support
4da2b2b
- Include Fedora datastream file for remote Fedora system scans
4da2b2b
4d818e1
* Mon Jan 06 2014 Jan iankko Lieskovsky <jlieskov@redhat.com> 0.1.4-2
4d818e1
- Drop -compat package, provide openscap-content directly (RH BZ#1040335#c14)
4d818e1
fda0ca8
* Fri Dec 20 2013 Jan iankko Lieskovsky <jlieskov@redhat.com> 0.1.4-1
fda0ca8
- Fix remediation for sshd set keepalive (ClientAliveCountMax) and move
fda0ca8
  it to /shared
fda0ca8
- Add shared remediations for sshd disable empty passwords and
fda0ca8
  sshd set idle timeout
fda0ca8
- Shared remediation for sshd disable root login
fda0ca8
- Add empty -compat subpackage to ensure backward-compatibility with
fda0ca8
  openscap-content and firstaidkit-plugin-openscap packages (RH BZ#1040335)
fda0ca8
- OVAL check for sshd disable root login
fda0ca8
- Fix typo in OVAL check for sshd disable empty passwords
fda0ca8
- OVAL check for sshd disable empty passwords
fda0ca8
- Unselect no shelllogin for systemaccounts rule from being run by default
fda0ca8
- Rename XCCDF rules
fda0ca8
- Revert Set up Fedora release name and CPE based on build system properties
fda0ca8
- Shared OVAL check for Verify that Shared Library Files Have Root Ownership
fda0ca8
- Shared OVAL check for Verify that System Executables Have Restrictive Permissions
fda0ca8
- Shared OVAL check for Verify that System Executables Have Root Ownership
fda0ca8
- Shared OVAL check for Verify that Shared Library Files Have Restrictive
fda0ca8
  Permissions
fda0ca8
- Fix remediation for Disable Prelinking rule
fda0ca8
- OVAL check and remediation for sshd's ClientAliveCountMax rule
fda0ca8
- OVAL check for sshd's ClientAliveInterval rule
fda0ca8
- Include descriptions for permissions section, and rules for checking
fda0ca8
  permissions and ownership of shared library files and system executables
fda0ca8
- Disable selected rules by default
fda0ca8
- Add remediation for Disable Prelinking rule
fda0ca8
- Adjust service-enable-macro, service-disable-macro XSLT transforms
fda0ca8
  definition to evaluate to proper systemd syntax
fda0ca8
- Fix service_ntpd_enabled OVAL check make validate to pass again
fda0ca8
- Include patch from Šimon Lukašík to obsolete openscap-content
fda0ca8
  package (RH BZ#1028706)
fda0ca8
- Add OVAL check to test if there's is remote NTP server configured for
fda0ca8
  time data
fda0ca8
- Add system settings section for the guide (to track system wide
fda0ca8
  hardening configurations)
fda0ca8
- Include disable prelink rule and OVAL check for it
fda0ca8
- Initial OVAL check if ntpd service is enabled. Add package_installed
fda0ca8
  OVAL templating directory structure and functionality.
fda0ca8
- Include services section, and XCCDF description for selected ntpd's
fda0ca8
  sshd's service rules
fda0ca8
- Include remediations for login.defs' based password minimum, maximum and
fda0ca8
  warning age rules
fda0ca8
- Include directory structure to support remediations
fda0ca8
- Add SCAP "replace or append pattern value in text file based on variable"
fda0ca8
  remediation script generator
fda0ca8
- Add remediation for "Set Password Minimum Length in login.defs" rule
fda0ca8
fda0ca8
* Mon Nov 18 2013 Jan iankko Lieskovsky <jlieskov@redhat.com> 0.1.3-1
fda0ca8
- Update versioning scheme - move fedorassgrelease to be part of
fda0ca8
  upstream version. Rename it to fedorassgversion to avoid name collision
fda0ca8
  with Fedora package release.
76c9a91
426d6a0
* Tue Oct 22 2013 Jan iankko Lieskovsky <jlieskov@redhat.com> 0.1-3
426d6a0
- Add .gitignore for Fedora output directory
426d6a0
- Set up Fedora release name and CPE based on build system properties
426d6a0
- Use correct file paths in scap-security-guide(8) manual page 
426d6a0
  (RH BZ#1018905, c#10)
426d6a0
- Apply further changes motivated by scap-security-guide Fedora RPM review
426d6a0
  request (RH BZ#1018905, c#8):
426d6a0
  * update package description,
426d6a0
  * make content files to be owned by the scap-security-guide package,
426d6a0
  * remove Fedora release number from generated content files,
426d6a0
  * move HTML form of the guide under the doc directory (together
426d6a0
    with that drop fedora/content subdir and place the content
426d6a0
    directly under fedora/ subdir).
426d6a0
- Fixes for scap-security-guide Fedora RPM review request (RH BZ#1018905):
426d6a0
  * drop Fedora release from package provided files' final path (c#5),
426d6a0
  * drop BuildRoot, selected Requires:, clean section, drop chcon for
426d6a0
    manual page, don't gzip man page (c#4),
426d6a0
  * change package's description (c#4),
426d6a0
  * include PD license text (#c4).
426d6a0
426d6a0
* Mon Oct 14 2013 Jan iankko Lieskovsky <jlieskov@redhat.com> 0.1-2
426d6a0
- Provide manual page for scap-security-guide
426d6a0
- Remove percent sign from spec's changelog to silence rpmlint warning
426d6a0
- Convert RHEL6 'Restrict Root Logins' section's rules to Fedora
426d6a0
- Convert RHEL6 'Set Password Expiration Parameter' rules to Fedora
426d6a0
- Introduce 'Account and Access Control' section
426d6a0
- Convert RHEL6 'Verify Proper Storage and Existence of Password Hashes' section's
426d6a0
  rules to Fedora
426d6a0
- Set proper name of the build directory in the spec's setup macro.
426d6a0
- Replace hard-coded paths with macros. Preserve attributes when copying files.
426d6a0
426d6a0
* Tue Sep 17 2013 Jan iankko Lieskovsky <jlieskov@redhat.com> 0.1-1
426d6a0
- Initial Fedora SSG RPM.