mbox series

[meta-security,0/4] openscap: upgrade 1.4.1 to 1.4.2 with fixes

Message ID 20251114-openscap_bump-v1-0-1c8169b8e332@non.se.com
Headers show
Series openscap: upgrade 1.4.1 to 1.4.2 with fixes | expand

Message

Louis Rannou Nov. 14, 2025, 8:29 a.m. UTC 
From: Louis Rannou <louis.rannou@non.se.com>

This series of patches makes an upgrade of openscap and scap-security with a repends fix
and other minor corrections.

I have based the source on the well formatted github release instead of the commit
sha. So let me know if that's incorrect.

It also includes a runtime test and musl fix.

Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
---
Louis Rannou (4):
      openscap: update to 1.4.2
      scap-security-guide: update to 0.1.78
      oeqa: openscap test
      openscap: fix musl compatibility

 lib/oeqa/runtime/cases/openscap.py                 | 48 ++++++++++++++++++++++
 .../{openscap_1.4.1.bb => openscap_1.4.2.bb}       | 16 +++++---
 ...ide_0.1.77.bb => scap-security-guide_0.1.78.bb} |  4 +-
 3 files changed, 59 insertions(+), 9 deletions(-)
---
base-commit: 9f1d763bb17bf105cc313a95eb3b07496b34bacc
change-id: 20251113-openscap_bump-5c33d1ab2ceb

Best regards,
--  
Louis Rannou <louis.rannou@non.se.com>

Comments

Scott Murray Nov. 21, 2025, 2:51 p.m. UTC | #1 
On Fri, 14 Nov 2025, Louis Rannou wrote:

> From: Louis Rannou <louis.rannou@non.se.com>
>
> This series of patches makes an upgrade of openscap and scap-security with a repends fix
> and other minor corrections.
>
> I have based the source on the well formatted github release instead of the commit
> sha. So let me know if that's incorrect.
>
> It also includes a runtime test and musl fix.

Just a heads up on these, I took Yi's prior upgrade patches since they
didn't change SRC_URI for openscap, and then applied your other recipe
fixes on top as a separate change, please take a look to see if I've
missed something.  I dropped the musl enabling changes, as both openscap
and scap-security-guide were still failing to build with musl for me
with a couple of different errors:

.../openscap-1.4.2/src/OVAL/probes/unix/process58_probe.c:161:18:
error: 'PATH_MAX' undeclared (first use in this function)

and:

.../openscap-1.4.2/src/OVAL/probes/unix/linux/systemdshared.h:188:50:
error: implicit declaration of function 'basename'; did you mean 'rename'?

(I saw this one in scap-security-guide as well).  Please test locally
with latest oe-core master to see if you can reproduce.  If you cannot,
we'll have to compare notes further, though my test build setup is pretty
plain.

Thanks,

Scott


> Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
> ---
> Louis Rannou (4):
>       openscap: update to 1.4.2
>       scap-security-guide: update to 0.1.78
>       oeqa: openscap test
>       openscap: fix musl compatibility
>
>  lib/oeqa/runtime/cases/openscap.py                 | 48 ++++++++++++++++++++++
>  .../{openscap_1.4.1.bb => openscap_1.4.2.bb}       | 16 +++++---
>  ...ide_0.1.77.bb => scap-security-guide_0.1.78.bb} |  4 +-
>  3 files changed, 59 insertions(+), 9 deletions(-)
> ---
> base-commit: 9f1d763bb17bf105cc313a95eb3b07496b34bacc
> change-id: 20251113-openscap_bump-5c33d1ab2ceb
>
> Best regards,
> --
> Louis Rannou <louis.rannou@non.se.com>
>
Louis Rannou Nov. 25, 2025, 1:05 p.m. UTC | #2 
Hello, I thought those errors were fixed, I'll try to give a second check. Thanks for the cherry picked merge.

Louis Rannou
Schneider Electric