debian: Add missing openscap package

Before Bullseye got released openscap was removed
from the repository because it had some installability
issues according to the bug reports. Most notably it
hard codes to a specific version of Perl.
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993328)

This has been fixed in newer versions of openscap,
so in order to make life easier just use the newer
release tarball from Github, along with the Debian
packaging from Debian Experimental. This approach was
taken because the source package was not in versioned
control yet in the Debian's git repository yet. Once
it has been included then the current strategy can
be revisitied. No changes were made to the original
Debian packaging.

Test Plan
Build openscap package.
Install ISO
Run openscap binary

Story: 2009964
Task: 45395

Signed-off-by: Charles Short <charles.short@windriver.com>
Change-Id: I7f646cd940aaa6871f3f184498b3e3f3689724fd

debian_pkg_dirs

@@ -74,4 +74,5 @@ python/python3-setuptools
 security/keyrings.alt
 security/python-keyring
 security/shim-unsigned
+security/openscap
 storage-drivers/trident-installer

security/openscap/debian/deb_folder/changelog

@@ -0,0 +1,375 @@
+openscap (1.3.5-0.1) experimental; urgency=medium
+
+  * Non-maintainer upload.
+  * New upstream version 1.3.5
+
+  * Package structure changes
+    - Apply soname change (libopenscap8 -> 25) (Closes: #990183)
+    - Split libopenscap25 to openscap-scanner, openscap-utils and
+      openscap-common
+    - Drop -dbg package and unnecessary lintian-overrides
+    - Drop unnecessary dependency on dh-autoreconf.
+  * debian/control
+    - Specify https for upstream URL
+    - Use debhelper-compat (= 13) to not forget to install necessary files
+      with dh_missing
+    - Add missing dependencies: libacl1-dev, libblkid-dev, libglib2.0-dev,
+      libyaml-dev, librpm-dev, libpopt-dev, libprocps-dev, libopendbx1-dev,
+      libxmlsec1-dev, doxygen, graphviz, asciidoc,
+  * Drop unnecessary debian/compat
+  * debian/rules
+    - Enable documentation build
+    - Enable hardening
+  * Add openscap-common.docs to install HTML docs
+  * debian/openscap-scanner.install
+    - Install bash-completion
+  * openscap-utils.install
+    - Install autotailor and scap-as-rpm
+  * Add debian/openscap-{scanner,utils}.manpages
+  * debian/watch
+    - Update watch file format version to 4.
+  * debian/patches
+    - Drop unused patches
+    - Refresh patches
+  * Trim trailing whitespace.
+  * Set upstream metadata fields: Bug-Database, Bug-Submit.
+
+ -- Hideki Yamane <henrich@debian.org>  Fri, 06 Aug 2021 16:02:20 +0900
+
+openscap (1.3.4-1) unstable; urgency=medium
+
+  * New upstream version 1.3.4
+
+ -- Philippe Thierry <philou@debian.org>  Mon, 01 Feb 2021 16:22:30 +0100
+
+openscap (1.2.16-2) unstable; urgency=medium
+
+  * Add patch to install CPE OVAL files
+  * Remove explicit call to dh autotool-dev, now done automatically
+
+ -- Pierre Chifflier <pollux@debian.org>  Thu, 03 May 2018 10:38:37 +0200
+
+openscap (1.2.16-1) unstable; urgency=medium
+
+  * New upstream version 1.2.16
+  * Refreshed quilt patches
+  * Rename install perl so file (Closes: #896499)
+  * Change priority from extra to optional
+
+ -- Pierre Chifflier <pollux@debian.org>  Sat, 28 Apr 2018 18:33:35 +0200
+
+openscap (1.2.15-1) unstable; urgency=medium
+
+  * New upstream version 1.2.15
+  * Refreshed quilt patches
+  * Bump Standards version to 4.1.0
+
+ -- Pierre Chifflier <pollux@debian.org>  Wed, 04 Oct 2017 21:53:33 +0200
+
+openscap (1.2.14-1) unstable; urgency=medium
+
+  * Imported Upstream version 1.2.10
+  * New upstream version 1.2.14 (Closes: #848108)
+  * Enable Script Check Engine (SCE) (Closes: #852826, #853180)
+  * Add libdbus-1-dev to build-deps (Closes: #853995)
+
+ -- Pierre Chifflier <pollux@debian.org>  Wed, 05 Jul 2017 12:55:58 +0200
+
+openscap (1.2.9-1) unstable; urgency=medium
+
+  * Update watch file (project is now on github)
+  * Imported Upstream version 1.2.9
+  * Update docs path (html version removed)
+  * Bump Standards Version to 3.9.8
+
+ -- Pierre Chifflier <pollux@debian.org>  Tue, 26 Apr 2016 10:45:02 +0200
+
+openscap (1.2.8-1) unstable; urgency=medium
+
+  * Imported Upstream version 1.2.8
+
+ -- Pierre Chifflier <pollux@debian.org>  Thu, 21 Jan 2016 11:55:39 +0100
+
+openscap (1.2.7-1) unstable; urgency=medium
+
+  * Imported Upstream version 1.2.7
+  * Add libbz2-dev to build-deps
+  * Refreshed quilt patches, removed 005_configure_dpkg_probe (fixed upstream)
+
+ -- Pierre Chifflier <pollux@debian.org>  Sun, 06 Dec 2015 17:48:42 +0100
+
+openscap (1.2.5-1) unstable; urgency=medium
+
+  * Imported Upstream version 1.2.5
+  * Use misc:pre-depends for multiarch-support
+
+ -- Pierre Chifflier <pollux@debian.org>  Sat, 26 Sep 2015 10:26:35 +0200
+
+openscap (1.2.3-1) unstable; urgency=medium
+
+  * Imported Upstream version 1.2.3
+  * Refreshed quilt patches
+  * Update build-dep to libgcrypt-dev
+  * Bump Standards Version to 3.9.6
+  * Add missing source for jQuery minified version (docs/html)
+
+ -- Pierre Chifflier <pollux@debian.org>  Wed, 06 May 2015 08:34:01 +0200
+
+openscap (1.0.9-1) unstable; urgency=medium
+
+  * Imported Upstream version 1.0.4
+  * Imported Upstream version 1.0.9 (Closes: #750702)
+  * Refreshed quilt patches
+  * Remove useless build-deps on python-support
+  * Get Perl directories from the 'Config' module (Closes: #752801)
+
+ -- Pierre Chifflier <pollux@debian.org>  Sun, 29 Jun 2014 16:20:07 +0200
+
+openscap (1.0.2-1) unstable; urgency=low
+
+  * Imported Upstream version 1.0.2
+  * Refreshed quilt patches
+    Removed 004_format_security.patch, merged upstream
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 13 Jan 2014 13:41:53 +0100
+
+openscap (1.0.1-2) unstable; urgency=low
+
+  * Add conflicts/replaces on libopenscap3 (Closes: #733589)
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 30 Dec 2013 09:19:41 +0100
+
+openscap (1.0.1-1) unstable; urgency=low
+
+  * Imported Upstream version 1.0.1
+  * Refreshed quilt patches
+  * Bump Standards Version to 3.9.5
+  * Rename libopenscap3 to libopenscap8 to reflect soname change
+
+ -- Pierre Chifflier <pollux@debian.org>  Sat, 28 Dec 2013 21:27:36 +0100
+
+openscap (0.9.12-1) unstable; urgency=low
+
+  * Imported Upstream version 0.9.12
+  * Refreshed quilt patches
+
+ -- Pierre Chifflier <pollux@debian.org>  Sun, 06 Oct 2013 22:01:45 +0200
+
+openscap (0.9.8-2) unstable; urgency=low
+
+  * Mark package linux-any (Closes: #721862)
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 09 Sep 2013 09:55:14 +0200
+
+openscap (0.9.8-1) unstable; urgency=low
+
+  * Imported Upstream version 0.9.8
+  * Add patch to guard linux-specific code (Closes: #710906)
+
+ -- Pierre Chifflier <pollux@debian.org>  Thu, 04 Jul 2013 14:40:39 +0200
+
+openscap (0.9.7-1) unstable; urgency=low
+
+  * Imported Upstream version 0.9.7
+  * Add libldap2-dev to build depends
+  * This version builds fine with eglibc 2.17 and gcc 4.8 (Closes: #701409)
+
+ -- Pierre Chifflier <pollux@debian.org>  Sun, 02 Jun 2013 11:20:22 +0200
+
+openscap (0.9.4.1-1) unstable; urgency=low
+
+  * Update watch file
+  * Imported Upstream version 0.9.4.1
+  * This version does not require libnl anymore (Closes: #688172)
+  * Bump Standards Version to 3.9.4
+  * Rename openscap1* packages to openscap3 to reflect ABI/API change
+  * Refreshed quilt patches
+  * New quilt patch: fix build of dpkg probe
+  * New quilt patch: fix installation of schema files in automake scripts
+  * Switch to DH version 9, enable multiarch support and hardening flags
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 20 May 2013 11:42:44 +0200
+
+openscap (0.8.0-4) unstable; urgency=low
+
+  * Also mark libcap-dev as Linux only to fix build on kfreebsd
+    (Closes: #649063)
+
+ -- Pierre Chifflier <pollux@debian.org>  Fri, 18 Nov 2011 20:03:49 +0100
+
+openscap (0.8.0-3) unstable; urgency=low
+
+  * Use [linux-any] to mark linux-only build dependencies
+    (Closes: #634689, #649063)
+
+ -- Pierre Chifflier <pollux@debian.org>  Thu, 17 Nov 2011 21:36:07 +0100
+
+openscap (0.8.0-2) unstable; urgency=low
+
+  * Add proper Conflicts/Replaces lines for libopenscap0 (Closes: #645612)
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 17 Oct 2011 21:11:55 +0200
+
+openscap (0.8.0-1) unstable; urgency=low
+
+  * Imported Upstream version 0.8.0
+  * Refreshed quilt patches:
+    - Removed 002_invalid_prototype_probe_process.patch and
+      003_fix_format_string.patch, merged upstream
+    - Added 004_format_security.patch
+    - Re-run autoconf to fix dpkg probe detection, put result
+      in 005_configure_dpkg_probe.patch
+  * Update package name to libopenscap1 to reflect ABI change
+  * Replace copy of jquery.js file by symlink in documentation
+  * Add libselinux1-dev, libcap-dev, libattr1-dev to build-deps
+
+ -- Pierre Chifflier <pollux@debian.org>  Thu, 13 Oct 2011 23:02:21 +0200
+
+openscap (0.7.3-1) unstable; urgency=low
+
+  * Imported Upstream version 0.7.3
+  * Add schema files (oval and xccdf)
+  * Enable hardening wrapper
+  * Bump Standards Version to 3.9.2
+  * Add 003_fix_format_string.patch to fix printf misuse
+
+ -- Pierre Chifflier <pollux@debian.org>  Sun, 26 Jun 2011 19:36:22 +0200
+
+openscap (0.7.2-1) unstable; urgency=low
+
+  * Imported Upstream version 0.7.2
+  * Refresh quilt patches
+  * Fix FTBFS on kfreebsd-*: conflicting types for 'probe_main'
+    (Closes: #621881)
+  * Remove .la files (Closes: #622483)
+
+ -- Pierre Chifflier <pollux@debian.org>  Tue, 26 Apr 2011 21:03:43 +0200
+
+openscap (0.7.1-1) unstable; urgency=low
+
+  * Imported Upstream version 0.7.1
+  * No more conversions between pointer and integer detected (Closes: #588255)
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 28 Mar 2011 13:07:40 +0200
+
+openscap (0.6.6-2) unstable; urgency=low
+
+  * Fix FTBFS on kfreebsd-*: error: storage size of 'si' isn't known
+    (Closes: #609771)
+
+ -- Pierre Chifflier <pollux@debian.org>  Wed, 12 Jan 2011 14:35:07 +0100
+
+openscap (0.6.6-1) unstable; urgency=low
+
+  * Imported Upstream version 0.6.6
+  * Drop patch 10_fix_dpkginfo, merged upstream
+  * Add pkgconfig file to dev package
+
+ -- Pierre Chifflier <pollux@debian.org>  Wed, 15 Dec 2010 09:51:48 +0100
+
+openscap (0.6.4-2) unstable; urgency=low
+
+  * Add libxslt1-dev to build-deps (Closes: #603766)
+
+ -- Pierre Chifflier <pollux@debian.org>  Wed, 17 Nov 2010 10:45:47 +0100
+
+openscap (0.6.4-1) unstable; urgency=low
+
+  * Imported Upstream version 0.6.4
+  * Switch to dpkg-source 3.0 (quilt) format
+  * Add patch 10_fix_dpkginfo to fix build error for dpkginfo probe
+  * Apply patch from Bilal Akhtar to fix build on Ubuntu (Closes:
+    #596666)
+
+ -- Pierre Chifflier <pollux@debian.org>  Tue, 16 Nov 2010 15:34:37 +0100
+
+openscap (0.5.12-3) unstable; urgency=low
+
+  * Fix FTBFS on GNU/kFreeBSD (Closes: #592486)
+  * Bump standards version to 3.9.1
+
+ -- Pierre Chifflier <pollux@debian.org>  Thu, 12 Aug 2010 10:02:20 +0200
+
+openscap (0.5.12-2) unstable; urgency=low
+
+  * Add libgcrypt11-dev to build-deps (Closes: #588091)
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 05 Jul 2010 00:48:04 +0200
+
+openscap (0.5.12-1) unstable; urgency=low
+
+  * Imported Upstream version 0.5.12
+  * Update watch file
+  * oscap-scan was renamed to oscap
+  * Bump Standards version to 3.9.0
+
+ -- Pierre Chifflier <pollux@debian.org>  Sun, 04 Jul 2010 16:49:58 +0200
+
+openscap (0.5.8-1) unstable; urgency=low
+
+  * Imported Upstream version 0.5.8
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 05 Apr 2010 22:07:11 +0200
+
+openscap (0.5.7-1) unstable; urgency=low
+
+  * Imported Upstream version 0.5.7
+  * Update watch URL
+  * Add libcurl-dev and libapt-pkg-dev to build-deps
+  * Bump standards version to 3.8.4
+  * Install probes in /usr/lib/openscap
+  * Apply patch to fix FTBFS on kfreebsd (Closes: #570277)
+
+ -- Pierre Chifflier <pollux@debian.org>  Sun, 28 Feb 2010 10:08:23 +0100
+
+openscap (0.5.6-1) unstable; urgency=low
+
+  * New upstream release:
+    - OVAL API has been extended
+    - OVAL doxygen documentation is available
+    - migration to new checking mechanism is completed
+    - new logging and error propagating mechanism
+    - many many bugfixes + defensive code
+  * Fix lintian warning debhelper-but-no-misc-depends
+    (libopenscap-dev, libopenscap0-dbg)
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 04 Jan 2010 20:53:30 +0100
+
+openscap (0.5.5-1) unstable; urgency=low
+
+  * Add libnl-dev and pkg-config to build-deps
+  * Enable building OVAL bindings and probes
+  * New upstream release:
+    - many fixes in OVAL
+    - new system_info probe in OVAL
+    - CVE is re-implemented
+    - migration to improved testing mechanism has begun (see CPE)
+    - bindings are merged into single module called openscap
+
+ -- Pierre Chifflier <pollux@debian.org>  Thu, 17 Dec 2009 11:25:59 +0100
+
+openscap (0.5.4-1) unstable; urgency=low
+
+  * New upstream release:
+    - new CPE model
+    - evaluation of set objects and system characteristic output
+    - implementation of variable model
+    - bindings clean up
+    - probes tune up, memory leaks fixes
+
+ -- Pierre Chifflier <pollux@debian.org>  Tue, 27 Oct 2009 09:46:49 +0100
+
+openscap (0.5.3-1) unstable; urgency=low
+
+  * New upstream release
+  * Bump standards version to 3.8.3
+  * Change libopenscap0-dbg section to debug
+  * Add binary package for Perl bindings
+
+ -- Pierre Chifflier <pollux@debian.org>  Tue, 13 Oct 2009 09:51:23 +0200
+
+openscap (0.1.4-1) unstable; urgency=low
+
+  * Initial release (Closes: #522265)
+
+ -- Pierre Chifflier <pollux@debian.org>  Thu, 02 Apr 2009 10:30:16 +0200

security/openscap/debian/deb_folder/control

@@ -0,0 +1,193 @@
+Source: openscap
+Priority: optional
+Maintainer: Pierre Chifflier <pollux@debian.org>
+Uploaders: Philippe Thierry <philou@debian.org>
+Build-Depends: debhelper-compat (= 13),
+    cmake,
+    libpcre3-dev,
+    libxml2-dev,
+    libxslt1-dev,
+    swig,
+    python3-all-dev,
+    libperl-dev,
+    libcurl4-openssl-dev | libcurl4-gnutls-dev | libcurl-dev,
+    libgcrypt-dev,
+    libapt-pkg-dev,
+    libselinux1-dev [linux-any],
+    libcap-dev [linux-any],
+    libattr1-dev,
+    libldap2-dev,
+    libbz2-dev,
+    libacl1-dev,
+    libblkid-dev,
+    libglib2.0-dev,
+    libyaml-dev,
+    librpm-dev,
+    libpopt-dev,
+    libprocps-dev,
+    libopendbx1-dev,
+    libxmlsec1-dev,
+    doxygen, graphviz,
+    asciidoc,
+    pkg-config,
+    dh-python,
+    chrpath,
+    libdbus-1-dev
+Section: admin
+X-Python3-Version: >= 3.9
+Standards-Version: 4.5.1
+Homepage: https://www.open-scap.org/
+
+Package: libopenscap-dev
+Section: libdevel
+Architecture: linux-any
+Depends: libopenscap25 (= ${binary:Version}), ${misc:Depends}, ${python3:Depends}, libjs-jquery
+Description: Set of libraries enabling integration of the SCAP line of standards
+ OpenSCAP is a set of open source libraries providing an easier path
+ for integration of the SCAP line of standards. SCAP is a line of
+ standards managed by NIST with the goal of providing a standard language
+ for the expression of Computer Network Defense related information.
+ .
+ The intended scope of this project is to implement working interface
+ wrappers for parsing and querying SCAP content including:
+  * Common Vulnerabilities and Exposures (CVE)
+  * Common Configuration Enumeration (CCE)
+  * Common Platform Enumeration (CPE)
+  * Common Vulnerability Scoring System (CVSS)
+  * Extensible Configuration Checklist Description Format (XCCDF)
+  * Open Vulnerability and Assessment Language (OVAL)
+ .
+ This package contains the development files for OpenSCAP.
+
+Package: libopenscap25
+Section: libs
+Architecture: linux-any
+Conflicts: libopenscap0, libopenscap1, libopenscap3, libopenscap8,
+Replaces: libopenscap0, libopenscap1, libopenscap3, libopenscap8,
+Pre-Depends: ${misc:Pre-Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends},
+Description: Set of libraries enabling integration of the SCAP line of standards
+ OpenSCAP is a set of open source libraries providing an easier path
+ for integration of the SCAP line of standards. SCAP is a line of
+ standards managed by NIST with the goal of providing a standard language
+ for the expression of Computer Network Defense related information.
+ .
+ The intended scope of this project is to implement working interface
+ wrappers for parsing and querying SCAP content including:
+  * Common Vulnerabilities and Exposures (CVE)
+  * Common Configuration Enumeration (CCE)
+  * Common Platform Enumeration (CPE)
+  * Common Vulnerability Scoring System (CVSS)
+  * Extensible Configuration Checklist Description Format (XCCDF)
+  * Open Vulnerability and Assessment Language (OVAL)
+ .
+ This package contains libraries for OpenSCAP.
+
+Package: python3-openscap
+Section: python
+Architecture: linux-any
+Depends: ${shlibs:Depends}, ${misc:Depends}, ${python3:Depends}, libopenscap25 (= ${binary:Version})
+X-Python3-Version: ${python3:Versions}
+Provides: ${python3:Provides}
+Description: Set of libraries enabling integration of the SCAP line of standards
+ OpenSCAP is a set of open source libraries providing an easier path
+ for integration of the SCAP line of standards. SCAP is a line of
+ standards managed by NIST with the goal of providing a standard language
+ for the expression of Computer Network Defense related information.
+ .
+ The intended scope of this project is to implement working interface
+ wrappers for parsing and querying SCAP content including:
+  * Common Vulnerabilities and Exposures (CVE)
+  * Common Configuration Enumeration (CCE)
+  * Common Platform Enumeration (CPE)
+  * Common Vulnerability Scoring System (CVSS)
+  * Extensible Configuration Checklist Description Format (XCCDF)
+  * Open Vulnerability and Assessment Language (OVAL)
+ .
+ This package contains the Python bindings for OpenSCAP.
+
+Package: libopenscap-perl
+Section: perl
+Architecture: linux-any
+Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends}, libopenscap25 (= ${binary:Version})
+Description: Set of libraries enabling integration of the SCAP line of standards
+ OpenSCAP is a set of open source libraries providing an easier path
+ for integration of the SCAP line of standards. SCAP is a line of
+ standards managed by NIST with the goal of providing a standard language
+ for the expression of Computer Network Defense related information.
+ .
+ The intended scope of this project is to implement working interface
+ wrappers for parsing and querying SCAP content including:
+  * Common Vulnerabilities and Exposures (CVE)
+  * Common Configuration Enumeration (CCE)
+  * Common Platform Enumeration (CPE)
+  * Common Vulnerability Scoring System (CVSS)
+  * Extensible Configuration Checklist Description Format (XCCDF)
+  * Open Vulnerability and Assessment Language (OVAL)
+ .
+ This package contains the Perl bindings for OpenSCAP.
+
+Package: openscap-scanner
+Architecture: linux-any
+Depends: libopenscap25 (= ${binary:Version}),
+         ${shlibs:Depends}, ${misc:Depends},
+Recommends: openscap-common (= ${binary:Version}),
+Description: OpenScap Scanner Tool (oscap)
+ OpenSCAP is a set of open source libraries providing an easier path
+ for integration of the SCAP line of standards. SCAP is a line of
+ standards managed by NIST with the goal of providing a standard language
+ for the expression of Computer Network Defense related information.
+ .
+ The intended scope of this project is to implement working interface
+ wrappers for parsing and querying SCAP content including:
+  * Common Vulnerabilities and Exposures (CVE)
+  * Common Configuration Enumeration (CCE)
+  * Common Platform Enumeration (CPE)
+  * Common Vulnerability Scoring System (CVSS)
+  * Extensible Configuration Checklist Description Format (XCCDF)
+  * Open Vulnerability and Assessment Language (OVAL)
+ .
+ This package contains oscap command-line tool, configuration and
+ vulnerability scanner. It can use for compliance checking with SCAP contents.
+
+Package: openscap-utils
+Architecture: linux-any
+Depends: openscap-scanner (= ${binary:Version}), ${python3:Depends},
+         ${shlibs:Depends}, ${misc:Depends}, rpm,
+Recommends: openscap-common (= ${binary:Version}),
+Description: OpenSCAP utilities
+ OpenSCAP is a set of open source libraries providing an easier path
+ for integration of the SCAP line of standards. SCAP is a line of
+ standards managed by NIST with the goal of providing a standard language
+ for the expression of Computer Network Defense related information.
+ .
+ The intended scope of this project is to implement working interface
+ wrappers for parsing and querying SCAP content including:
+  * Common Vulnerabilities and Exposures (CVE)
+  * Common Configuration Enumeration (CCE)
+  * Common Platform Enumeration (CPE)
+  * Common Vulnerability Scoring System (CVSS)
+  * Extensible Configuration Checklist Description Format (XCCDF)
+  * Open Vulnerability and Assessment Language (OVAL)
+ .
+ This package contains command line utilities.
+
+Package: openscap-common
+Architecture: all
+Depends: ${misc:Depends},
+Description: OpenSCAP schema files
+ OpenSCAP is a set of open source libraries providing an easier path
+ for integration of the SCAP line of standards. SCAP is a line of
+ standards managed by NIST with the goal of providing a standard language
+ for the expression of Computer Network Defense related information.
+ .
+ The intended scope of this project is to implement working interface
+ wrappers for parsing and querying SCAP content including:
+  * Common Vulnerabilities and Exposures (CVE)
+  * Common Configuration Enumeration (CCE)
+  * Common Platform Enumeration (CPE)
+  * Common Vulnerability Scoring System (CVSS)
+  * Extensible Configuration Checklist Description Format (XCCDF)
+  * Open Vulnerability and Assessment Language (OVAL)
+ .
+ This package contains schema files.

security/openscap/debian/deb_folder/copyright

@@ -0,0 +1,33 @@
+This package was debianized by Pierre Chifflier <pollux@debian.org> on
+Thu, 02 Apr 2009 10:30:16 +0200.
+
+It was downloaded from http://www.open-scap.org/
+
+Upstream Authors:
+
+    Peter Vrabec    <pvrabec@redhat.com>
+    Tomas Heinrich  <theinric@redhat.com>
+    Brandon Dixon   <Brandon.Dixon@g2-inc.com>
+    Brian Kolbay    <Brian.Kolbay@g2-inc.com>
+    Lukas Kuklinek  <lkuklinek@redhat.com>
+    Riley C. Porter <Riley.Porter@g2-inc.com>
+    Dan Kopecek     <dkopecek@redhat.com>
+
+Copyright:
+
+    Copyright 2008 Red Hat Inc., Durham, North Carolina.
+
+License:
+
+    OpenSCAP is licensed under the GNU Lesser General Public License
+    version 2.1 of the License, or (at your option) any later version.
+
+See  `/usr/share/common-licenses/LGPL-2.1'.
+
+The Debian packaging is:
+
+    Copyright (C) 2009 Pierre Chifflier <pollux@debian.org>
+
+and is licensed under the GPL version 3, 
+see `/usr/share/common-licenses/GPL-3'.
+

security/openscap/debian/deb_folder/dirs

@@ -0,0 +1,2 @@
+usr/bin
+usr/sbin

security/openscap/debian/deb_folder/gbp.conf

@@ -0,0 +1,5 @@
+[DEFAULT]
+debian-branch = master
+debian-tag = debian/%(version)s
+upstream-tag = upstream/%(version)s
+submodules = True

security/openscap/debian/deb_folder/libopenscap-dev.dirs

@@ -0,0 +1,2 @@
+usr/lib
+usr/include

security/openscap/debian/deb_folder/libopenscap-dev.docs

@@ -0,0 +1,4 @@
+docs/contribute
+docs/examples
+docs/manual
+docs/umbrello

security/openscap/debian/deb_folder/libopenscap-dev.install

@@ -0,0 +1,4 @@
+usr/include/*
+usr/lib/*/libopenscap.so
+usr/lib/*/libopenscap_sce.so
+usr/lib/*/pkgconfig/*

security/openscap/debian/deb_folder/libopenscap-dev.links

@@ -0,0 +1 @@
+usr/share/javascript/jquery/jquery.js usr/share/doc/libopenscap-dev/html/jquery.js

security/openscap/debian/deb_folder/libopenscap-perl.install

@@ -0,0 +1,6 @@
+#!/usr/bin/perl -w
+use Config;
+
+# expand the perl binary module directory at build time
+print substr($Config{vendorarch}, 1) . "\n";
+print substr($Config{vendorlib}, 1) . "\n";

security/openscap/debian/deb_folder/libopenscap25.install

@@ -0,0 +1 @@
+usr/lib/*/lib*.so.*

security/openscap/debian/deb_folder/missing-sources/README

@@ -0,0 +1,15 @@
+Missing source files
+--------------------
+
+OpenScap ships a minified jquery library for the documentation.
+
+For Debian, all sources are required, so we grabbed the sources from the above
+project(s) or from the various upstream projects, and put them in the
+missin-sources directory.
+
+Last synchronization was made with OpenScap version 1.2.3
+
+Files: docs/html/jquery.js
+Project: jQuery 1.7.1
+URL http://code.jquery.com/jquery-1.7.1.js
+Source: jquery-1.7.1.js

security/openscap/debian/deb_folder/openscap-common.docs

@@ -0,0 +1 @@
+usr/share/doc/openscap/html

security/openscap/debian/deb_folder/openscap-common.install

@@ -0,0 +1 @@
+usr/share/openscap/*

security/openscap/debian/deb_folder/openscap-scanner.docs

@@ -0,0 +1,3 @@
+NEWS
+README*
+usr/share/doc/openscap/manual

security/openscap/debian/deb_folder/openscap-scanner.examples

@@ -0,0 +1 @@
+docs/oscap-scan.cron

security/openscap/debian/deb_folder/openscap-scanner.install

@@ -0,0 +1,2 @@
+usr/bin/oscap
+etc/bash_completion.d/oscap usr/share/bash-completion/completions/

security/openscap/debian/deb_folder/openscap-scanner.manpages

@@ -0,0 +1 @@
+usr/share/man/man8/oscap.8

security/openscap/debian/deb_folder/openscap-utils.install

@@ -0,0 +1,8 @@
+usr/bin/oscap-chroot
+usr/bin/oscap-docker
+usr/bin/oscap-podman
+usr/bin/oscap-run-sce-script
+usr/bin/oscap-ssh
+usr/bin/oscap-vm
+usr/bin/autotailor
+usr/bin/scap-as-rpm

security/openscap/debian/deb_folder/openscap-utils.manpages

@@ -0,0 +1,7 @@
+usr/share/man/man8/oscap-chroot.8
+usr/share/man/man8/oscap-docker.8
+usr/share/man/man8/oscap-podman.8
+usr/share/man/man8/oscap-ssh.8
+usr/share/man/man8/oscap-vm.8
+usr/share/man/man8/autotailor.8
+usr/share/man/man8/scap-as-rpm.8

security/openscap/debian/deb_folder/patches/001_fix_kfreebsd_probe.patch

@@ -0,0 +1,18 @@
+--- a/src/OVAL/probes/probe/icache.c
++++ b/src/OVAL/probes/probe/icache.c
+@@ -497,6 +497,7 @@
+  */
+ static int probe_cobj_memcheck(size_t item_cnt)
+ {
++#if !(defined(__FreeBSD__) || defined(__FreeBSD_kernel__))
+ 	if (item_cnt > PROBE_RESULT_MEMCHECK_CTRESHOLD) {
+ 		struct proc_memusage mu_proc;
+ 		struct sys_memusage  mu_sys;
+@@ -524,6 +525,7 @@
+ 			return (1);
+ 		}
+ 	}
++#endif
+ 
+ 	return (0);
+ }

security/openscap/debian/deb_folder/patches/010_perlpm_install_fix.patch

@@ -0,0 +1,14 @@
+Index: openscap/swig/perl/CMakeLists.txt
+===================================================================
+--- openscap.orig/swig/perl/CMakeLists.txt
++++ openscap/swig/perl/CMakeLists.txt
+@@ -20,7 +20,7 @@ if (APPLE OR (${CMAKE_SYSTEM_NAME} STREQ
+                 DESTINATION ${CMAKE_INSTALL_DATADIR}/perl5/vendor_perl)
+ else()
+         install(TARGETS ${SWIG_MODULE_openscap_pm_REAL_NAME}
+-               DESTINATION ${PERL_VENDORLIB})
++               DESTINATION ${CMAKE_INSTALL_LIBDIR}/perl5/${PERL_VERSION})
+         install(PROGRAMS ${CMAKE_CURRENT_BINARY_DIR}/openscap_pm.pm
+-               DESTINATION ${PERL_VENDORARCH})
++               DESTINATION ${CMAKE_INSTALL_DATADIR}/perl5/)
+ endif()

security/openscap/debian/deb_folder/patches/011_remove_custom_rpath.patch

@@ -0,0 +1,20 @@
+Index: openscap/CMakeLists.txt
+===================================================================
+--- openscap.orig/CMakeLists.txt
++++ openscap/CMakeLists.txt
+@@ -487,13 +487,13 @@ set(OSCAP_TEMP_DIR "/tmp" CACHE STRING "
+ # see https://cmake.org/Wiki/CMake_RPATH_handling
+ 
+ # use, i.e. don't skip the full RPATH for the build tree
+-set(CMAKE_SKIP_BUILD_RPATH FALSE)
++set(CMAKE_SKIP_BUILD_RPATH TRUE)
+ 
+ # when building, don't use the install RPATH already
+ # (but later on when installing)
+ set(CMAKE_BUILD_WITH_INSTALL_RPATH FALSE)
+ 
+-set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR})
++#set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR})
+ 
+ # add the automatically determined parts of the RPATH
+ # which point to directories outside the build tree to the install RPATH

security/openscap/debian/deb_folder/patches/series

@@ -0,0 +1,3 @@
+011_remove_custom_rpath.patch
+010_perlpm_install_fix.patch
+001_fix_kfreebsd_probe.patch

security/openscap/debian/deb_folder/python3-openscap.install

@@ -0,0 +1 @@
+usr/lib/python*/*-packages

security/openscap/debian/deb_folder/rules

@@ -0,0 +1,49 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+
+# Uncomment this to turn on verbose mode.
+export DH_VERBOSE=1
+
+export DEB_BUILD_MAINT_OPTIONS := hardening=+all
+
+DEFAULTPY=$(shell py3versions -v -d)
+PYVERSIONS=$(shell py3versions -v -r)
+ALLPY=$(PYVERSIONS)
+PERL_VERSION:=$(shell perl -e 'my @ver=split /\./, sprintf("%vd", $$^V); print("$$ver[0].$$ver[1]");')
+CMAKE_OPTS=-DENABLE_DOCS=ON =DOEPNSCAP_PROBE_UNIX_GCONF=OFF -DGCONF_LIBRARY=
+
+override_dh_auto_configure: $(ALLPY:%=override_dh_auto_configure-%)
+
+override_dh_auto_configure-%:
+	dh_auto_configure -Bbuild-python-$* -- --enable-sce --enable-perl -DPERL_VERSION=$(PERL_VERSION) PYTHON=/usr/bin/python$* $(CMAKE_OPTS)
+
+override_dh_auto_build: $(ALLPY:%=override_dh_auto_build-%)
+
+override_dh_auto_build-%:
+	dh_auto_build -Bbuild-python-$*
+
+override_dh_auto_install: $(ALLPY:%=override_dh_auto_install-%)
+	find debian/tmp -name "*.la" -delete
+	rm -f debian/libopenscap-dev/usr/share/doc/libopenscap-dev/html/jquery.js
+	mv debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/perl5/$(PERL_VERSION)* debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/perl5/$(PERL_VERSION)
+	chrpath -d debian/tmp/usr/bin/oscap
+	chrpath -d debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libopenscap.so.*
+	chrpath -d debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libopenscap_sce.so.*
+	chrpath -d debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/perl5/5.*/openscap_pm.so
+	chmod 0644 debian/tmp/usr/lib/python3/dist-packages/openscap_py.py
+	chmod 0644 debian/tmp/usr/lib/python3/dist-packages/openscap_api.py
+
+override_dh_auto_install-%:
+	dh_auto_install -Bbuild-python-$* --destdir=debian/tmp
+
+override_dh_strip:
+	dh_strip -popenscap-scanner --dbgsym-migration='libopenscap8-dbg (<< 1.3.4-1.1~)'
+	dh_strip -plibopenscap25 --dbgsym-migration='libopenscap8-dbg (<< 1.3.4-1.1~)'
+	dh_strip -ppython3-openscap --dbgsym-migration='libopenscap8-dbg (<< 1.3.4-1.1~)'
+	dh_strip -plibopenscap-perl --dbgsym-migration='libopenscap8-dbg (<< 1.3.4-1.1~)'
+
+override_dh_auto_clean:
+	rm -rf build-*
+
+%:
+	dh $@ --with python3

security/openscap/debian/deb_folder/salsa-ci.yml

@@ -0,0 +1,4 @@
+---
+include:
+  - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
+  - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml

security/openscap/debian/deb_folder/source/format

@@ -0,0 +1 @@
+3.0 (quilt)

security/openscap/debian/deb_folder/source/lintian-overrides

@@ -0,0 +1,3 @@
+# build from OpenSCAP xccdf ressources
+openscap source: source-is-missing xsl/xccdf-resources/openscap.js line length is 263 characters (>256)
+openscap source: source-is-missing xsl/xccdf-resources/bootstrap.min.js

security/openscap/debian/deb_folder/tests/autopkgtest-pkg-python.conf

@@ -0,0 +1 @@
+import_name = oscap_docker_python

security/openscap/debian/deb_folder/upstream/metadata

@@ -0,0 +1,3 @@
+---
+Bug-Database: https://github.com/OpenSCAP/openscap/issues
+Bug-Submit: https://github.com/OpenSCAP/openscap/issues/new

security/openscap/debian/deb_folder/watch

@@ -0,0 +1,2 @@
+version=4
+opts=filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/openscap-$1\.tar\.gz/ https://github.com/OpenSCAP/openscap/tags .*/v?(\d\S*)\.tar\.gz

security/openscap/debian/meta_data.yaml

@@ -0,0 +1,11 @@
+---
+debname: openscap
+debver: 1.3.5-1
+dl_path:
+  name: openscap-1.3.5.tar.gz
+  url: https://github.com/OpenSCAP/openscap/releases/download/1.3.5/openscap-1.3.5.tar.gz
+  md5sum: 4725085cd876c952ca15de48b0bc340c
+  sha256sum: 7c3e540b757fe35de15f21a849f1afa4d3776ee3279276ada4ddd3506c3679c2
+revision:
+  dist: $STX_DIST
+  PKG_GITREVCOUNT: True