diff options
Diffstat (limited to 'meta-security-compliance/recipes-openscap')
21 files changed, 0 insertions, 815 deletions
diff --git a/meta-security-compliance/recipes-openscap/oe-scap/files/OpenEmbedded_nodistro_0.xccdf.xml b/meta-security-compliance/recipes-openscap/oe-scap/files/OpenEmbedded_nodistro_0.xccdf.xml deleted file mode 100644 index d3b2c9a..0000000 --- a/meta-security-compliance/recipes-openscap/oe-scap/files/OpenEmbedded_nodistro_0.xccdf.xml +++ /dev/null @@ -1,14 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<xccdf:Benchmark xmlns:xccdf="http://checklists.nist.gov/xccdf/1.1" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" id="generated-xccdf" resolved="1"> - <xccdf:status>incomplete</xccdf:status> - <xccdf:title>Automatically generated XCCDF from OVAL file: OpenEmbedded_nodistro_0.xml</xccdf:title> - <xccdf:description>This file has been generated automatically from oval definitions file.</xccdf:description> - <xccdf:version time="2017-06-07T04:05:05">None, generated from OVAL file.</xccdf:version> - <xccdf:Rule selected="true" id="oval-com.redhat.rhsa-def-20171365"> - <xccdf:title>CPE-2017:1365: nss security and bug fix update (Important)</xccdf:title> - <xccdf:ident system="http://cve.mitre.org">CVE-2017-7502</xccdf:ident> - <xccdf:check system="http://oval.mitre.org/XMLSchema/oval-definitions-5"> - <xccdf:check-content-ref href="OpenEmbedded_nodistro_0.xml" name="oval:com.redhat.rhsa:def:20171365"/> - </xccdf:check> - </xccdf:Rule> -</xccdf:Benchmark> diff --git a/meta-security-compliance/recipes-openscap/oe-scap/files/OpenEmbedded_nodistro_0.xml b/meta-security-compliance/recipes-openscap/oe-scap/files/OpenEmbedded_nodistro_0.xml deleted file mode 100644 index a9bf2a0..0000000 --- a/meta-security-compliance/recipes-openscap/oe-scap/files/OpenEmbedded_nodistro_0.xml +++ /dev/null @@ -1,83 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:red-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd"> - <generator> - <oval:product_name>OpenEmbedded Errata Test System</oval:product_name> - <oval:schema_version>5.10.1</oval:schema_version> - <oval:timestamp>2017-06-07T04:05:05</oval:timestamp> - </generator> - - <definitions> - <definition class="patch" id="oval:com.redhat.rhsa:def:20171365" version="604"> - <metadata> - <title>CPE-2017:1365: nss security and bug fix update (Important)</title> - <affected family="unix"> - <platform>OpenEmbedded Nodistro</platform> - </affected> - <reference ref_id="RHSA-2017:1365-03" ref_url="https://access.redhat.com/errata/RHSA-2017:1365" source="RHSA"/> - <reference ref_id="CVE-2017-7502" ref_url="https://access.redhat.com/security/cve/CVE-2017-7502" source="CVE"/> - <description>Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. - -Security Fix(es): - -* A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) - -Bug Fix(es): - -* The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1451421)</description> - -<!-- ~~~~~~~~~~~~~~~~~~~~ advisory details ~~~~~~~~~~~~~~~~~~~ --> - -<advisory from="example.com"> - <severity>Important</severity> - <rights>NA</rights> - <issued date="2017-05-30"/> - <updated date="2017-05-30"/> - <cve cvss3="7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" cwe="CWE-476" href="https://access.redhat.com/security/cve/CVE-2017-7502">CVE-2017-7502</cve> - <bugzilla href="https://bugzilla.redhat.com/1446631" id="1446631">CVE-2017-7502 nss: Null pointer dereference when handling empty SSLv2 messages</bugzilla> - <affected_cpe_list> - <cpe>cpe:/o:openembedded:nodistro:0</cpe> - </affected_cpe_list> -</advisory> - </metadata> - -<criteria operator="AND"> - <criterion comment="Red Hat Enterprise Linux 7 Client is installed" test_ref="oval:com.redhat.rhsa:tst:20171365001"/> - <criterion comment="nss is earlier than 0:3.28.4-r0" test_ref="oval:com.redhat.rhsa:tst:20171365007"/> -</criteria> - - </definition> - </definitions> - <tests> - <!-- ~~~~~~~~~~~~~~~~~~~~~ rpminfo tests ~~~~~~~~~~~~~~~~~~~~~ --> - <rpminfo_test check="at least one" comment="Red Hat Enterprise Linux 7 Client is installed" id="oval:com.redhat.rhsa:tst:20171365001" version="604" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> - <object object_ref="oval:com.redhat.rhsa:obj:20171365001"/> - <state state_ref="oval:com.redhat.rhsa:ste:20171365002"/> -</rpminfo_test> -<rpminfo_test check="at least one" comment="nss is earlier than 0:3.31.4-r0" id="oval:com.redhat.rhsa:tst:20171365007" version="604" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> - <object object_ref="oval:com.redhat.rhsa:obj:20171365006"/> - <state state_ref="oval:com.redhat.rhsa:ste:20171365003"/> -</rpminfo_test> - - </tests> - - <objects> - <!-- ~~~~~~~~~~~~~~~~~~~~ rpminfo objects ~~~~~~~~~~~~~~~~~~~~ --> - <rpminfo_object id="oval:com.redhat.rhsa:obj:20171365006" version="604" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> - <name>nss</name> -</rpminfo_object> -<rpminfo_object id="oval:com.redhat.rhsa:obj:20171365001" version="604" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> - <name>openembedded-release</name> -</rpminfo_object> - - </objects> - <states> - <!-- ~~~~~~~~~~~~~~~~~~~~ rpminfo states ~~~~~~~~~~~~~~~~~~~~~ --> -<rpminfo_state id="oval:com.redhat.rhsa:ste:20171365002" version="604" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> - <version operation="pattern match">^1[^\d]</version> -</rpminfo_state> -<rpminfo_state id="oval:com.redhat.rhsa:ste:20171365003" version="604" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"> - <evr datatype="evr_string" operation="less than">0:3.31.4-r0</evr> -</rpminfo_state> - - </states> -</oval_definitions> diff --git a/meta-security-compliance/recipes-openscap/oe-scap/files/oval-to-xccdf.xslt b/meta-security-compliance/recipes-openscap/oe-scap/files/oval-to-xccdf.xslt deleted file mode 100644 index 2243ac4..0000000 --- a/meta-security-compliance/recipes-openscap/oe-scap/files/oval-to-xccdf.xslt +++ /dev/null @@ -1,72 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- Copyright 2012 Red Hat Inc., Durham, North Carolina. All Rights Reserved. - -This transformation is free software; you can redistribute it and/or modify -it under the terms of the GNU Lesser General Public License as published by -the Free Software Foundation; either version 2.1 of the License. - -This transformation is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License -for more details. - -You should have received a copy of the GNU Lesser General Public License along -with this library; if not, write to the Free Software Foundation, Inc., 59 -Temple Place, Suite 330, Boston, MA 02111-1307 USA - -Authors: - Šimon Lukašík <slukasik@redhat.com> ---> -<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0" - xmlns:xccdf="http://checklists.nist.gov/xccdf/1.1" - xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" - xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"> - <xsl:output method="xml" encoding="UTF-8"/> - - <xsl:template match="/"> - <xccdf:Benchmark id="generated-xccdf" resolved="1"> - <xccdf:status>incomplete</xccdf:status> - <xccdf:title> - <xsl:text>Automatically generated XCCDF from OVAL file: </xsl:text> - <xsl:value-of select="$ovalfile"/> - </xccdf:title> - <xccdf:description>This file has been generated automatically from oval definitions file.</xccdf:description> - <xccdf:version> - <xsl:attribute name="time"> - <xsl:value-of select="normalize-space(oval-def:oval_definitions/oval-def:generator/oval:timestamp[1]/text())"/> - </xsl:attribute> - <xsl:text>None, generated from OVAL file.</xsl:text> - </xccdf:version> - <xsl:apply-templates select="oval-def:oval_definitions/oval-def:definitions/oval-def:definition"/> - </xccdf:Benchmark> - </xsl:template> - - <xsl:template match="oval-def:definition"> - <xccdf:Rule selected="true"> - <xsl:attribute name="id"> - <xsl:value-of select="translate(@id,':','-')"/> - </xsl:attribute> - <xccdf:title> - <xsl:copy-of select="oval-def:metadata/oval-def:title/text()"/> - </xccdf:title> - <xsl:apply-templates select="oval-def:metadata/oval-def:advisory/oval-def:cve"/> - <xccdf:check system="http://oval.mitre.org/XMLSchema/oval-definitions-5"> - <xccdf:check-content-ref href="file"> - <xsl:attribute name="name"> - <xsl:value-of select="@id"/> - </xsl:attribute> - <xsl:attribute name="href"> - <xsl:value-of select="$ovalfile"/> - </xsl:attribute> - </xccdf:check-content-ref> - </xccdf:check> - </xccdf:Rule> - </xsl:template> - - <xsl:template match="oval-def:cve"> - <xccdf:ident system="http://cve.mitre.org"> - <xsl:copy-of select="text()"/> - </xccdf:ident> - </xsl:template> -</xsl:stylesheet> - diff --git a/meta-security-compliance/recipes-openscap/oe-scap/files/run_cve.sh b/meta-security-compliance/recipes-openscap/oe-scap/files/run_cve.sh deleted file mode 100644 index 48a7485..0000000 --- a/meta-security-compliance/recipes-openscap/oe-scap/files/run_cve.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -oscap oval eval \ ---report oval.html \ ---verbose-log-file filedevel.log \ ---verbose DEVEL \ -/usr/share/xml/scap/ssg/content/ssg-openembedded-ds.xml diff --git a/meta-security-compliance/recipes-openscap/oe-scap/files/run_test.sh b/meta-security-compliance/recipes-openscap/oe-scap/files/run_test.sh deleted file mode 100644 index 70cd82c..0000000 --- a/meta-security-compliance/recipes-openscap/oe-scap/files/run_test.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -#oscap oval eval --result-file ./myresults.xml ./OpenEmbedded_nodistro_0.xml - -oscap xccdf eval --results results.xml --report report.html OpenEmbedded_nodistro_0.xccdf.xml diff --git a/meta-security-compliance/recipes-openscap/oe-scap/oe-scap_1.0.bb b/meta-security-compliance/recipes-openscap/oe-scap/oe-scap_1.0.bb deleted file mode 100644 index fd53fcb..0000000 --- a/meta-security-compliance/recipes-openscap/oe-scap/oe-scap_1.0.bb +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright (C) 2017 Armin Kuster <akuster808@gmail.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -SUMARRY = "OE SCAP files" -LIC_FILES_CHKSUM = "file://README.md;md5=46dec9f167b6e05986cb4023df6d92f4" -LICENSE = "MIT" - -SRCREV = "7147871d7f37d408c0dd7720ef0fd3ec1b54ad98" -SRC_URI = "git://github.com/akuster/oe-scap.git" -SRC_URI += " \ - file://run_cve.sh \ - file://run_test.sh \ - file://OpenEmbedded_nodistro_0.xml \ - file://OpenEmbedded_nodistro_0.xccdf.xml \ - " - -S = "${WORKDIR}/git" - -do_configure[noexec] = "1" -do_compile[noexec] = "1" - -do_install () { - install -d ${D}/${datadir}/oe-scap - install ${WORKDIR}/run_cve.sh ${D}/${datadir}/oe-scap/. - install ${WORKDIR}/run_test.sh ${D}/${datadir}/oe-scap/. - install ${WORKDIR}/OpenEmbedded_nodistro_0.xml ${D}/${datadir}/oe-scap/. - install ${WORKDIR}/OpenEmbedded_nodistro_0.xccdf.xml ${D}/${datadir}/oe-scap/. - cp ${S}/* ${D}/${datadir}/oe-scap/. -} - -FILES_${PN} += "${datadir}/oe-scap" - -RDEPENDS_${PN} = "openscap bash" diff --git a/meta-security-compliance/recipes-openscap/openscap-daemon/files/0001-Renamed-module-and-variables-to-get-rid-of-async.patch b/meta-security-compliance/recipes-openscap/openscap-daemon/files/0001-Renamed-module-and-variables-to-get-rid-of-async.patch deleted file mode 100644 index 2a518bf..0000000 --- a/meta-security-compliance/recipes-openscap/openscap-daemon/files/0001-Renamed-module-and-variables-to-get-rid-of-async.patch +++ /dev/null @@ -1,130 +0,0 @@ -From c34349720a57997d30946286756e2ba9dbab6ace Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Mat=C4=9Bj=20T=C3=BD=C4=8D?= <matyc@redhat.com> -Date: Mon, 2 Jul 2018 11:21:19 +0200 -Subject: [PATCH] Renamed module and variables to get rid of async. - -async is a reserved word in Python 3.7. - -Upstream-Status: Backport -[https://github.com/OpenSCAP/openscap-daemon/commit/c34349720a57997d30946286756e2ba9dbab6ace] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - openscap_daemon/{async.py => async_tools.py} | 0 - openscap_daemon/dbus_daemon.py | 2 +- - openscap_daemon/system.py | 16 ++++++++-------- - tests/unit/test_basic_update.py | 3 ++- - 4 files changed, 11 insertions(+), 10 deletions(-) - rename openscap_daemon/{async.py => async_tools.py} (100%) - -diff --git a/openscap_daemon/async.py b/openscap_daemon/async_tools.py -similarity index 100% -rename from openscap_daemon/async.py -rename to openscap_daemon/async_tools.py -diff --git a/openscap_daemon/dbus_daemon.py b/openscap_daemon/dbus_daemon.py -index e6eadf9..cb6a8b6 100644 ---- a/openscap_daemon/dbus_daemon.py -+++ b/openscap_daemon/dbus_daemon.py -@@ -81,7 +81,7 @@ class OpenSCAPDaemonDbus(dbus.service.Object): - @dbus.service.method(dbus_interface=dbus_utils.DBUS_INTERFACE, - in_signature="", out_signature="a(xsi)") - def GetAsyncActionsStatus(self): -- return self.system.async.get_status() -+ return self.system.async_manager.get_status() - - @dbus.service.method(dbus_interface=dbus_utils.DBUS_INTERFACE, - in_signature="s", out_signature="(sssn)") -diff --git a/openscap_daemon/system.py b/openscap_daemon/system.py -index 2012f6e..85c2680 100644 ---- a/openscap_daemon/system.py -+++ b/openscap_daemon/system.py -@@ -26,7 +26,7 @@ import logging - from openscap_daemon.task import Task - from openscap_daemon.config import Configuration - from openscap_daemon import oscap_helpers --from openscap_daemon import async -+from openscap_daemon import async_tools - - - class ResultsNotAvailable(Exception): -@@ -40,7 +40,7 @@ TASK_ACTION_PRIORITY = 10 - - class System(object): - def __init__(self, config_file): -- self.async = async.AsyncManager() -+ self.async_manager = async_tools.AsyncManager() - - logging.info("Loading configuration from '%s'.", config_file) - self.config = Configuration() -@@ -90,7 +90,7 @@ class System(object): - input_file, tailoring_file, None - ) - -- class AsyncEvaluateSpecAction(async.AsyncAction): -+ class AsyncEvaluateSpecAction(async_tools.AsyncAction): - def __init__(self, system, spec): - super(System.AsyncEvaluateSpecAction, self).__init__() - -@@ -113,7 +113,7 @@ class System(object): - return "Evaluate Spec '%s'" % (self.spec) - - def evaluate_spec_async(self, spec): -- return self.async.enqueue( -+ return self.async_manager.enqueue( - System.AsyncEvaluateSpecAction( - self, - spec -@@ -488,7 +488,7 @@ class System(object): - - return ret - -- class AsyncUpdateTaskAction(async.AsyncAction): -+ class AsyncUpdateTaskAction(async_tools.AsyncAction): - def __init__(self, system, task_id, reference_datetime): - super(System.AsyncUpdateTaskAction, self).__init__() - -@@ -536,7 +536,7 @@ class System(object): - - if task.should_be_updated(reference_datetime): - self.tasks_scheduled.add(task.id_) -- self.async.enqueue( -+ self.async_manager.enqueue( - System.AsyncUpdateTaskAction( - self, - task.id_, -@@ -662,7 +662,7 @@ class System(object): - fix_type - ) - -- class AsyncEvaluateCVEScannerWorkerAction(async.AsyncAction): -+ class AsyncEvaluateCVEScannerWorkerAction(async_tools.AsyncAction): - def __init__(self, system, worker): - super(System.AsyncEvaluateCVEScannerWorkerAction, self).__init__() - -@@ -680,7 +680,7 @@ class System(object): - return "Evaluate CVE Scanner Worker '%s'" % (self.worker) - - def evaluate_cve_scanner_worker_async(self, worker): -- return self.async.enqueue( -+ return self.async_manager.enqueue( - System.AsyncEvaluateCVEScannerWorkerAction( - self, - worker -diff --git a/tests/unit/test_basic_update.py b/tests/unit/test_basic_update.py -index 6f683e6..7f953f7 100755 ---- a/tests/unit/test_basic_update.py -+++ b/tests/unit/test_basic_update.py -@@ -37,8 +37,9 @@ class BasicUpdateTest(unit_test_harness.APITest): - print(self.system.tasks) - self.system.schedule_tasks() - -- while len(self.system.async.actions) > 0: -+ while len(self.system.async_manager.actions) > 0: - time.sleep(1) - -+ - if __name__ == "__main__": - BasicUpdateTest.run() --- -2.7.4 - diff --git a/meta-security-compliance/recipes-openscap/openscap-daemon/openscap-daemon_0.1.10.bb b/meta-security-compliance/recipes-openscap/openscap-daemon/openscap-daemon_0.1.10.bb deleted file mode 100644 index a775021..0000000 --- a/meta-security-compliance/recipes-openscap/openscap-daemon/openscap-daemon_0.1.10.bb +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright (C) 2017 Armin Kuster <akuster808@gmail.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -SUMARRY = "The OpenSCAP Daemon is a service that runs in the background." -HOME_URL = "https://www.open-scap.org/tools/openscap-daemon/" -LIC_FILES_CHKSUM = "file://LICENSE;md5=40d2542b8c43a3ec2b7f5da31a697b88" -LICENSE = "LGPL-2.1" - -DEPENDS = "python3-dbus" - -SRCREV = "f25b16afb6ac761fea13132ff406fba4cdfd2b76" -SRC_URI = "git://github.com/OpenSCAP/openscap-daemon.git \ - file://0001-Renamed-module-and-variables-to-get-rid-of-async.patch \ - " - -inherit setuptools3 - -S = "${WORKDIR}/git" - -RDEPENDS_${PN} = "openscap scap-security-guide \ - python3-core python3-dbus \ - python3-pygobject \ - " diff --git a/meta-security-compliance/recipes-openscap/openscap/openscap.inc b/meta-security-compliance/recipes-openscap/openscap/openscap.inc deleted file mode 100644 index 812ea9f..0000000 --- a/meta-security-compliance/recipes-openscap/openscap/openscap.inc +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright (C) 2017 Armin Kuster <akuster808@gmail.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -SUMARRY = "NIST Certified SCAP 1.2 toolkit" -HOME_URL = "https://www.open-scap.org/tools/openscap-base/" -LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24" -LICENSE = "LGPL-2.1" - -DEPENDS = "dbus acl bzip2 pkgconfig gconf procps curl libxml2 libxslt libcap swig" -DEPENDS_class-native = "pkgconfig-native swig-native curl-native libxml2-native libxslt-native libcap-native" - -S = "${WORKDIR}/git" - -inherit cmake pkgconfig python3native python3targetconfig perlnative - -PACKAGECONFIG ?= "python3 rpm perl gcrypt ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)}" -PACKAGECONFIG[python3] = "-DENABLE_PYTHON3=ON, ,python3, python3" -PACKAGECONFIG[perl] = "-DENABLE_PERL=ON, ,perl, perl" -PACKAGECONFIG[rpm] = "-DENABLE_OSCAP_UTIL_AS_RPM=ON, ,rpm, rpm" -PACKAGECONFIG[gcrypt] = "-DWITH_CRYPTO=gcrypt, ,libgcrypt" -PACKAGECONFIG[nss3] = "-DWITH_CRYPTO=nss3, ,nss" -PACKAGECONFIG[selinux] = ", ,libselinux" - -EXTRA_OECMAKE += "-DENABLE_PROBES_LINUX=ON -DENABLE_PROBES_UNIX=ON \ - -DENABLE_PROBES_SOLARIS=OFF -DENABLE_PROBES_INDEPENDENT=ON \ - -DENABLE_OSCAP_UTIL=ON -DENABLE_OSCAP_UTIL_SSH=ON \ - -DENABLE_OSCAP_UTIL_DOCKER=OFF -DENABLE_OSCAP_UTIL_CHROOT=OFF \ - -DENABLE_OSCAP_UTIL_PODMAN=OFF -DENABLE_OSCAP_UTIL_VM=OFF \ - -DENABLE_PROBES_WINDOWS=OFF -DENABLE_VALGRIND=OFF \ - -DENABLE_SCE=ON -DENABLE_MITRE=OFF -DENABLE_TESTS=OFF \ - -DCMAKE_SKIP_INSTALL_RPATH=ON -DCMAKE_SKIP_RPATH=ON \ - " - -STAGING_OSCAP_DIR = "${TMPDIR}/work-shared/${MACHINE}/oscap-source" -STAGING_OSCAP_BUILDDIR = "${TMPDIR}/work-shared/openscap/oscap-build-artifacts" - -do_configure_append_class-native () { - sed -i 's:OSCAP_DEFAULT_CPE_PATH.*$:OSCAP_DEFAULT_CPE_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/cpe":' ${B}/config.h - sed -i 's:OSCAP_DEFAULT_SCHEMA_PATH.*$:OSCAP_DEFAULT_SCHEMA_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/schemas":' ${B}/config.h - sed -i 's:OSCAP_DEFAULT_XSLT_PATH.*$:OSCAP_DEFAULT_XSLT_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/xsl":' ${B}/config.h -} - -do_install_class-native[cleandirs] += " ${STAGING_OSCAP_BUILDDIR}" -do_install_append_class-native () { - oscapdir=${STAGING_OSCAP_BUILDDIR}/${datadir_native} - install -d $oscapdir - cp -a ${D}/${STAGING_DATADIR_NATIVE}/openscap $oscapdir -} - - -FILES_${PN} += "${PYTHON_SITEPACKAGES_DIR}" - -RDEPENDS_${PN} += "libxml2 python3-core libgcc bash" - -BBCLASSEXTEND = "native" diff --git a/meta-security-compliance/recipes-openscap/openscap/openscap_1.3.3.bb b/meta-security-compliance/recipes-openscap/openscap/openscap_1.3.3.bb deleted file mode 100644 index 51fa9ee..0000000 --- a/meta-security-compliance/recipes-openscap/openscap/openscap_1.3.3.bb +++ /dev/null @@ -1,9 +0,0 @@ -SUMARRY = "NIST Certified SCAP 1.2 toolkit" - -require openscap.inc - -SRCREV = "0cb55c55af6be9934d6fd0caf4563b206f289732" -SRC_URI = "git://github.com/OpenSCAP/openscap.git;branch=maint-1.3 \ -" - -DEFAULT_PREFERENCE = "-1" diff --git a/meta-security-compliance/recipes-openscap/openscap/openscap_git.bb b/meta-security-compliance/recipes-openscap/openscap/openscap_git.bb deleted file mode 100644 index 73a4729..0000000 --- a/meta-security-compliance/recipes-openscap/openscap/openscap_git.bb +++ /dev/null @@ -1,12 +0,0 @@ -# Copyright (C) 2017 Armin Kuster <akuster808@gmail.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -SUMARRY = "NIST Certified SCAP 1.2 toolkit with OE changes" - -include openscap.inc - -SRCREV = "a85943eee400fdbe59234d1c4a02d8cf710c4625" -SRC_URI = "git://github.com/akuster/openscap.git;branch=oe-1.3 \ -" - -PV = "1.3.3+git${SRCPV}" diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-Fix-XML-parsing-of-the-remediation-functions-file.patch b/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-Fix-XML-parsing-of-the-remediation-functions-file.patch deleted file mode 100644 index c0b93e4..0000000 --- a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-Fix-XML-parsing-of-the-remediation-functions-file.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 174293162e5840684d967e36840fc1f9f57c90be Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Mat=C4=9Bj=20T=C3=BD=C4=8D?= <matyc@redhat.com> -Date: Thu, 5 Dec 2019 15:02:05 +0100 -Subject: [PATCH] Fix XML "parsing" of the remediation functions file. - -A proper fix is not worth the effort, as we aim to kill shared Bash remediation -with Jinja2 macros. - -Upstream-Status: Backport -[https://github.com/ComplianceAsCode/content/commit/174293162e5840684d967e36840fc1f9f57c90be] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - ssg/build_remediations.py | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/ssg/build_remediations.py b/ssg/build_remediations.py -index 7da807bd6..13e90f732 100644 ---- a/ssg/build_remediations.py -+++ b/ssg/build_remediations.py -@@ -56,11 +56,11 @@ def get_available_functions(build_dir): - remediation_functions = [] - with codecs.open(xmlfilepath, "r", encoding="utf-8") as xmlfile: - filestring = xmlfile.read() -- # This regex looks implementation dependent but we can rely on -- # ElementTree sorting XML attrs alphabetically. Hidden is guaranteed -- # to be the first attr and ID is guaranteed to be second. -+ # This regex looks implementation dependent but we can rely on the element attributes -+ # being present on one line. -+ # We can't rely on ElementTree sorting XML attrs in any way since Python 3.7. - remediation_functions = re.findall( -- r'<Value hidden=\"true\" id=\"function_(\S+)\"', -+ r'<Value.*id=\"function_(\S+)\"', - filestring, re.DOTALL - ) - --- -2.17.1 - diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-Fix-platform-spec-file-check-tests-in-installed-OS-d.patch b/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-Fix-platform-spec-file-check-tests-in-installed-OS-d.patch deleted file mode 100644 index 60664a3..0000000 --- a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-Fix-platform-spec-file-check-tests-in-installed-OS-d.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 2beb4bc83a157b21edb1a3fef295cd4cced467df Mon Sep 17 00:00:00 2001 -From: Jate Sujjavanich <jatedev@gmail.com> -Date: Thu, 7 Jan 2021 18:10:01 -0500 -Subject: [PATCH 1/3] Fix platform spec, file check, tests in installed OS - detect for openembedded - -Change platform to multi in openembedded installed check matching others -and allowing compile of xml into oval ---- - shared/checks/oval/installed_OS_is_openembedded.xml | 11 ++++++----- - 1 file changed, 6 insertions(+), 5 deletions(-) - -diff --git a/shared/checks/oval/installed_OS_is_openembedded.xml b/shared/checks/oval/installed_OS_is_openembedded.xml -index 763d17bcb..01df16b43 100644 ---- a/shared/checks/oval/installed_OS_is_openembedded.xml -+++ b/shared/checks/oval/installed_OS_is_openembedded.xml -@@ -1,11 +1,9 @@ --</def-group> -- - <def-group> - <definition class="inventory" id="installed_OS_is_openembedded" version="2"> - <metadata> - <title>OpenEmbedded</title> - <affected family="unix"> -- <platform>OPENEMBEDDED</platform> -+ <platform>multi_platform_all</platform> - </affected> - <reference ref_id="cpe:/o:openembedded:openembedded:0" - source="CPE" /> -@@ -20,8 +18,11 @@ - </criteria> - </definition> - -- <ind:textfilecontent54_object id="test_openembedded" version="1" comment="Check OPenEmbedded version"> -- <ind:filepath>/etc/os-release/ind:filepath> -+ <ind:textfilecontent54_test check="all" check_existence="at_least_one_exists" comment="Check OpenEmbedded version" id="test_openembedded" version="1"> -+ <ind:object object_ref="obj_openembedded" /> -+ </ind:textfilecontent54_test> -+ <ind:textfilecontent54_object id="obj_openembedded" version="1" comment="Check OpenEmbedded version"> -+ <ind:filepath>/etc/os-release</ind:filepath> - <ind:pattern operation="pattern match">^VERSION_ID=\"nodistro\.[0-9].$</ind:pattern> - <ind:instance datatype="int">1</ind:instance> - </ind:textfilecontent54_object> --- -2.24.3 (Apple Git-128) - diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-fix-deprecated-instance-of-element.getchildren.patch b/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-fix-deprecated-instance-of-element.getchildren.patch deleted file mode 100644 index 01e3dd6..0000000 --- a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-fix-deprecated-instance-of-element.getchildren.patch +++ /dev/null @@ -1,43 +0,0 @@ -From e435bf2dc59d652710104a1c59332e410b12bb64 Mon Sep 17 00:00:00 2001 -From: Vojtech Polasek <vpolasek@redhat.com> -Date: Mon, 8 Jun 2020 12:33:48 +0200 -Subject: [PATCH] fix deprecated instance of element.getchildren - -Upstream-Status: Backport -[https://github.com/ComplianceAsCode/content/commit/e435bf2dc59d652710104a1c59332e410b12bb64] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - ssg/build_remediations.py | 2 +- - ssg/build_stig.py | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/ssg/build_remediations.py b/ssg/build_remediations.py -index fdde0f268..c18d6bd54 100644 ---- a/ssg/build_remediations.py -+++ b/ssg/build_remediations.py -@@ -735,7 +735,7 @@ def expand_xccdf_subs(fix, remediation_type, remediation_functions): - # First concat output form of modified fix text (including text appended - # to all children of the fix) - modfix = [fix.text] -- for child in fix.getchildren(): -+ for child in list(fix): - if child is not None and child.text is not None: - modfix.append(child.text) - modfixtext = "".join(modfix) -diff --git a/ssg/build_stig.py b/ssg/build_stig.py -index 528285f3d..6122981fc 100644 ---- a/ssg/build_stig.py -+++ b/ssg/build_stig.py -@@ -38,7 +38,7 @@ def add_references(reference, destination): - for ref in refs: - if (ref.get('href').startswith(stig_refs) and - ref.text in dictionary): -- index = rule.getchildren().index(ref) -+ index = list(rule).index(ref) - new_ref = ET.Element( - '{%s}reference' % XCCDF11_NS, {'href': stig_ns}) - new_ref.text = dictionary[ref.text] --- -2.17.1 - diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0002-Fix-missing-openembedded-from-ssg-constants.py.patch b/meta-security-compliance/recipes-openscap/scap-security-guide/files/0002-Fix-missing-openembedded-from-ssg-constants.py.patch deleted file mode 100644 index 1e712f6..0000000 --- a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0002-Fix-missing-openembedded-from-ssg-constants.py.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 037a12301968a56f0c7e492ea4a05d2eecbd4cc6 Mon Sep 17 00:00:00 2001 -From: Jate Sujjavanich <jatedev@gmail.com> -Date: Fri, 8 Jan 2021 20:18:00 -0500 -Subject: [PATCH 2/3] Fix missing openembedded from ssg/constants.py - ---- - ssg/constants.py | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/ssg/constants.py b/ssg/constants.py -index fab7cda5d..2ca289f84 100644 ---- a/ssg/constants.py -+++ b/ssg/constants.py -@@ -234,7 +234,8 @@ PRODUCT_TO_CPE_MAPPING = { - } - - MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhosp", "rhv", "debian", "ubuntu", -- "wrlinux", "opensuse", "sle", "ol", "ocp", "example"] -+ "wrlinux", "opensuse", "sle", "ol", "ocp", "example", -+ "openembedded"] - - MULTI_PLATFORM_MAPPING = { - "multi_platform_debian": ["debian8"], -@@ -249,6 +250,7 @@ MULTI_PLATFORM_MAPPING = { - "multi_platform_sle": ["sle11", "sle12"], - "multi_platform_ubuntu": ["ubuntu1404", "ubuntu1604", "ubuntu1804"], - "multi_platform_wrlinux": ["wrlinux"], -+ "multi_platform_openembedded": ["openembedded"], - } - - RHEL_CENTOS_CPE_MAPPING = { --- -2.24.3 (Apple Git-128) - diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0002-Fixed-the-broken-fix-when-greedy-regex-ate-the-whole.patch b/meta-security-compliance/recipes-openscap/scap-security-guide/files/0002-Fixed-the-broken-fix-when-greedy-regex-ate-the-whole.patch deleted file mode 100644 index f0c9909..0000000 --- a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0002-Fixed-the-broken-fix-when-greedy-regex-ate-the-whole.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 28a35d63a0cc6b7beb51c77d93bb30778e6960cd Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Mat=C4=9Bj=20T=C3=BD=C4=8D?= <matyc@redhat.com> -Date: Mon, 9 Dec 2019 13:41:47 +0100 -Subject: [PATCH] Fixed the broken fix, when greedy regex ate the whole file. - -We want to match attributes in an XML element, not in the whole file. - -Upstream-Status: Backport -[https://github.com/ComplianceAsCode/content/commit/28a35d63a0cc6b7beb51c77d93bb30778e6960cd] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - ssg/build_remediations.py | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/ssg/build_remediations.py b/ssg/build_remediations.py -index 13e90f732..edf31c0cf 100644 ---- a/ssg/build_remediations.py -+++ b/ssg/build_remediations.py -@@ -57,10 +57,10 @@ def get_available_functions(build_dir): - with codecs.open(xmlfilepath, "r", encoding="utf-8") as xmlfile: - filestring = xmlfile.read() - # This regex looks implementation dependent but we can rely on the element attributes -- # being present on one line. -+ # being present. Beware, DOTALL means we go through the whole file at once. - # We can't rely on ElementTree sorting XML attrs in any way since Python 3.7. - remediation_functions = re.findall( -- r'<Value.*id=\"function_(\S+)\"', -+ r'<Value[^>]+id=\"function_(\S+)\"', - filestring, re.DOTALL - ) - --- -2.17.1 - diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0002-fix-deprecated-getiterator-function.patch b/meta-security-compliance/recipes-openscap/scap-security-guide/files/0002-fix-deprecated-getiterator-function.patch deleted file mode 100644 index 84271c4..0000000 --- a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0002-fix-deprecated-getiterator-function.patch +++ /dev/null @@ -1,58 +0,0 @@ -From b0adc1d53780def4a95e310b6d26bb91ee97177e Mon Sep 17 00:00:00 2001 -From: Vojtech Polasek <vpolasek@redhat.com> -Date: Mon, 8 Jun 2020 13:27:41 +0200 -Subject: [PATCH] fix deprecated getiterator function - -Upstream-Status: Backport -[https://github.com/ComplianceAsCode/content/commit/b0adc1d53780def4a95e310b6d26bb91ee97177e] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - ssg/build_cpe.py | 6 +++--- - ssg/id_translate.py | 2 +- - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/ssg/build_cpe.py b/ssg/build_cpe.py -index 2e5d24a5d..8c046777a 100644 ---- a/ssg/build_cpe.py -+++ b/ssg/build_cpe.py -@@ -17,7 +17,7 @@ def extract_subelement(objects, sub_elem_type): - """ - - for obj in objects: -- for subelement in obj.getiterator(): -+ for subelement in obj.iter(): - if subelement.get(sub_elem_type): - sub_element = subelement.get(sub_elem_type) - return sub_element -@@ -44,12 +44,12 @@ def extract_referred_nodes(tree_with_refs, tree_with_ids, attrname): - reflist = [] - elementlist = [] - -- for element in tree_with_refs.getiterator(): -+ for element in tree_with_refs.iter(): - value = element.get(attrname) - if value is not None: - reflist.append(value) - -- for element in tree_with_ids.getiterator(): -+ for element in tree_with_ids.iter(): - if element.get("id") in reflist: - elementlist.append(element) - -diff --git a/ssg/id_translate.py b/ssg/id_translate.py -index 72b07be18..ba9225904 100644 ---- a/ssg/id_translate.py -+++ b/ssg/id_translate.py -@@ -64,7 +64,7 @@ class IDTranslator(object): - ) - - def translate(self, tree, store_defname=False): -- for element in tree.getiterator(): -+ for element in tree.iter(): - idname = element.get("id") - if idname: - # store the old name if requested (for OVAL definitions) --- -2.17.1 - diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0003-fix-remaining-getchildren-and-getiterator-functions.patch b/meta-security-compliance/recipes-openscap/scap-security-guide/files/0003-fix-remaining-getchildren-and-getiterator-functions.patch deleted file mode 100644 index 8162292..0000000 --- a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0003-fix-remaining-getchildren-and-getiterator-functions.patch +++ /dev/null @@ -1,57 +0,0 @@ -From a0da16c5eeb9a7414f7f2a37a6b270c8d04b2ddf Mon Sep 17 00:00:00 2001 -From: Vojtech Polasek <vpolasek@redhat.com> -Date: Mon, 8 Jun 2020 14:01:55 +0200 -Subject: [PATCH] fix remaining getchildren and getiterator functions - -Upstream-Status: Backport -[https://github.com/ComplianceAsCode/content/commit/a0da16c5eeb9a7414f7f2a37a6b270c8d04b2ddf] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - build-scripts/sds_move_ocil_to_checks.py | 2 +- - build-scripts/verify_references.py | 2 +- - shared/transforms/pcidss/transform_benchmark_to_pcidss.py | 2 +- - 3 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/build-scripts/sds_move_ocil_to_checks.py b/build-scripts/sds_move_ocil_to_checks.py -index 5f5139659..64dc19084 100755 ---- a/build-scripts/sds_move_ocil_to_checks.py -+++ b/build-scripts/sds_move_ocil_to_checks.py -@@ -106,7 +106,7 @@ def move_ocil_content_from_ds_extended_component_to_ds_component(datastreamtree, - timestamp = extendedcomp.get('timestamp') - - # Get children elements of <ds:extended-component> containing OCIL content -- extchildren = extendedcomp.getchildren() -+ extchildren = list(extendedcomp) - # There should be just one OCIL subcomponent in <ds:extended-component> - if len(extchildren) != 1: - sys.stderr.write("ds:extended-component contains more than one element!" -diff --git a/build-scripts/verify_references.py b/build-scripts/verify_references.py -index 69b3e2d1f..95d387f46 100755 ---- a/build-scripts/verify_references.py -+++ b/build-scripts/verify_references.py -@@ -179,7 +179,7 @@ def main(): - check_content_refs = xccdftree.findall(".//{%s}check-content-ref" - % xccdf_ns) - -- xccdf_parent_map = dict((c, p) for p in xccdftree.getiterator() for c in p) -+ xccdf_parent_map = dict((c, p) for p in xccdftree.iter() for c in p) - # now we can actually do the verification work here - if options.rules_with_invalid_checks or options.all_checks: - for check_content_ref in check_content_refs: -diff --git a/shared/transforms/pcidss/transform_benchmark_to_pcidss.py b/shared/transforms/pcidss/transform_benchmark_to_pcidss.py -index 0ceaf727d..c94b12c45 100755 ---- a/shared/transforms/pcidss/transform_benchmark_to_pcidss.py -+++ b/shared/transforms/pcidss/transform_benchmark_to_pcidss.py -@@ -111,7 +111,7 @@ def main(): - benchmark.findall(".//{%s}Value" % (XCCDF_NAMESPACE)): - values.append(value) - -- parent_map = dict((c, p) for p in benchmark.getiterator() for c in p) -+ parent_map = dict((c, p) for p in benchmark.iter() for c in p) - for rule in \ - benchmark.findall(".//{%s}Rule" % (XCCDF_NAMESPACE)): - parent_map[rule].remove(rule) --- -2.17.1 - diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide.inc b/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide.inc deleted file mode 100644 index d1a9511..0000000 --- a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide.inc +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright (C) 2017 Armin Kuster <akuster808@gmail.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -SUMARRY = "SCAP content for various platforms" -HOME_URL = "https://www.open-scap.org/security-policies/scap-security-guide/" -LIC_FILES_CHKSUM = "file://LICENSE;md5=97662e4486d9a1d09f358851d9f41a1a" -LICENSE = "LGPL-2.1" - -DEPENDS = "openscap-native python3 python3-pyyaml-native python3-jinja2-native libxml2-native expat-native" - -S = "${WORKDIR}/git" - -inherit cmake pkgconfig python3native python3targetconfig - -STAGING_OSCAP_BUILDDIR = "${TMPDIR}/work-shared/openscap/oscap-build-artifacts" -export OSCAP_CPE_PATH="${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/cpe" -export OSCAP_SCHEMA_PATH="${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/schemas" -export OSCAP_XSLT_PATH="${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/xsl" - -OECMAKE_GENERATOR = "Unix Makefiles" - -EXTRA_OECMAKE += "-DENABLE_PYTHON_COVERAGE=OFF" - -B = "${S}/build" - -do_configure[depends] += "openscap-native:do_install" - -do_configure_prepend () { - sed -i -e 's:NAMES\ sed:NAMES\ ${HOSTTOOLS_DIR}/sed:g' ${S}/CMakeLists.txt - sed -i -e 's:NAMES\ grep:NAMES\ ${HOSTTOOLS_DIR}/grep:g' ${S}/CMakeLists.txt -} - -FILES_${PN} += "${datadir}/xml" - -RDEPENDS_${PN} = "openscap" diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_0.1.44.bb b/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_0.1.44.bb deleted file mode 100644 index d80ecd7..0000000 --- a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_0.1.44.bb +++ /dev/null @@ -1,8 +0,0 @@ -SUMARRY = "SCAP content for various platforms, upstream version" - -SRCREV = "8cb2d0f351faff5440742258782281164953b0a6" -SRC_URI = "git://github.com/ComplianceAsCode/content.git" - -DEFAULT_PREFERENCE = "-1" - -require scap-security-guide.inc diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb b/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb deleted file mode 100644 index 0617c56..0000000 --- a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb +++ /dev/null @@ -1,17 +0,0 @@ -SUMARRY = "SCAP content for various platforms, OE changes" - -SRCREV = "5fdfdcb2e95afbd86ace555beca5d20cbf1043ed" -SRC_URI = "git://github.com/akuster/scap-security-guide.git;branch=oe-0.1.44; \ - file://0001-Fix-XML-parsing-of-the-remediation-functions-file.patch \ - file://0002-Fixed-the-broken-fix-when-greedy-regex-ate-the-whole.patch \ - file://0001-fix-deprecated-instance-of-element.getchildren.patch \ - file://0002-fix-deprecated-getiterator-function.patch \ - file://0003-fix-remaining-getchildren-and-getiterator-functions.patch \ - file://0001-Fix-platform-spec-file-check-tests-in-installed-OS-d.patch \ - file://0002-Fix-missing-openembedded-from-ssg-constants.py.patch \ - " -PV = "0.1.44+git${SRCPV}" - -require scap-security-guide.inc - -EXTRA_OECMAKE += "-DSSG_PRODUCT_OPENEMBEDDED=ON" |