starlingx/integ
Code Issues Proposed changes
e4e8866a43
integ/security/openscap/debian/deb_folder/copyright
Marcelo de Castro Loebens e17b830387 Upgrade Openscap (1.3.5 -> 1.3.6) 
Upgrade Openscap tool to release 1.3.6, using the debianized version
1.3.6+dsfg-6 for the packaging files available at
https://salsa.debian.org/debian/openscap/-/blob/debian/1.3.6+dfsg-6/debian/changelog
Didn't change any files or patches.

Segmentation faults during Openscap usage seen in Starlingx were
fixed in this release of Openscap, and are the reason of this upgrade.

Test Plan:
PASS: Build iso.

PASS: Deploy AIO-SX.

PASS: Check version (oscap --version). Result should be 1.3.6.

PASS: Run openscap using one of default manifests. There should be no
segmentation fault issues. Command i.e.:
"oscap xccdf eval --profile \
xccdf_org.ssgproject.content_profile_anssi_np_nt28_high \
--report controller-0-report.html \
/usr/share/xml/scap/ssg/content/ssg-debian11-ds-1.2.xml".

Closes-Bug: 2006782

Signed-off-by: Marcelo de Castro Loebens <Marcelo.DeCastroLoebens@windriver.com>
Change-Id: I34ff193227ae51ec709b7d69b6a97abc074721f3
2023-02-14 18:57:00 -04:00

212 lines
8.9 KiB
Plaintext
Raw Blame History

Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: openscap
Source: https://github.com/OpenSCAP/openscap
Files-Excluded: xsl/xccdf-resources
Files: *
Copyright: 2008-2021 Red Hat Inc., Durham, North Carolina.
License:LGPL-2.1+
Files: cmake/*
Copyright: 2000-2016 Kitware, Inc.
2000-2011 Insight Software Consortium
License: BSD-3-clause
Files: cmake/FindNSS.cmake
Copyright: 2010, Ambroz Bizjak, <ambrop7@gmail.com>
License: BSD-3-clause
Files: cmake/FindPCRE.cmake
Copyright: 2007-2009 LuaDist.
License: expat
Files: compat/dev_to_tty.c
Copyright: 1998-2002 by Albert Cahalan
License:LGPL-2.1+
Files: compat/strptime.c
Copyright: 1996, 1997, 1998, 1999, 2000 Free Software Foundation, Inc.
License: LGPL-3.0+
Files: debian/*
Copyright: 2009 Pierre Chifflier <pollux@debian.org>
2020-2023 Håvard F. Aasen <havard.f.aasen@pfft.no>
License: GPL-3
Files: schemas/common/xmldsig-core-schema.xsd
Copyright: 2001 The Internet Society and W3C (Massachusetts Institute of
Technology, Institut National de Recherche en Informatique
et en Automatique, Keio University)
License: W3C
Files: schemas/sce/1.0/*
Copyright: 2012-2017 Red Hat Inc., Durham, North Carolina.
License: LGPL-2.1+ and expat
Files: utils/oscap_docker_python/get_cve_input.py
utils/oscap_docker_python/__init__.py
Copyright: 2015 Brent Baude <bbaude@redhat.com>
License: LGPL-2.0+
Files: utils/oscap_docker_python/oscap_docker_common.py
utils/oscap_docker_python/oscap_docker_util_noatomic.py
utils/oscap_docker_python/oscap_docker_util.py
Copyright: 2015 Brent Baude <bbaude@redhat.com>
2019 Dominique Blaze <contact@d0m.tech>
License: LGPL-2.0+
Files: utils/oscap-remediate
utils/oscap-remediate-offline
Copyright: 2021 Red Hat Inc., Durham, North Carolina.
License: GPL-2+
Files: yaml-filter/*
Copyright: 2020 OpenSCAP
License: expat
Files: yaml-filter/cmake/*
Copyright: 2015-2017 RWTH Aachen University, Federal Republic of Germany
License: BSD-3-clause
Files: yaml-filter/tests/test-path-segments.c
Copyright: 2020 Red Hat Inc., Durham, North Carolina.
License: expat
License: BSD-3-clause
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
.
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
.
* Neither the name of Kitware, Inc. nor the names of Contributors
may be used to endorse or promote products derived from this
software without specific prior written permission.
.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
License: expat
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
.
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
License: LGPL-2.0+
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
Boston, MA 02110-1301 USA
License: LGPL-2.1+
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
MA 02110-1301, USA.
.
See `/usr/share/common-licenses/LGPL-2.1'.
License: LGPL-3.0+
See `/usr/share/common-licenses/LGPL-3'
License: GPL-2+
See `/usr/share/common-licenses/GPL-2'
License: GPL-3
See `/usr/share/common-licenses/GPL-3'
License: W3C
By obtaining, using and/or copying this work, you (the licensee) agree
that you have read, understood, and will comply with the following terms
and conditions:
.
Permission to use, copy, modify, and distribute this software and its
documentation, with or without modification, for any purpose and
without fee or royalty is hereby granted, provided that you include the
following on ALL copies of the software and documentation or portions
thereof, including modifications, that you make:
1. The full text of this NOTICE in a location viewable to users of the
redistributed or derivative work.
2. Any pre-existing intellectual property disclaimers, notices, or terms
and conditions. If none exist, a short notice of the following form
(hypertext is preferred, text is permitted) should be used within the
body of any redistributed or derivative code: "Copyright C
[$date-of-software] World Wide Web Consortium, (Massachusetts Institute
of Technology, Institut National de Recherche en Informatique et en
Automatique, Keio University). All Rights Reserved.
http://www.w3.org/Consortium/Legal/"
3. Notice of any changes or modifications to the W3C files, including the
date changes were made. (We recommend you provide URIs to the location
from which the code is derived.)
.
THIS SOFTWARE AND DOCUMENTATION IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS
MAKE NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR
PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION WILL NOT INFRINGE
ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS.
.
COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL OR
CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE SOFTWARE OR
DOCUMENTATION.
.
The name and trademarks of copyright holders may NOT be used in advertising
or publicity pertaining to the software without specific, written prior
permission. Title to copyright in this software and any associated
documentation will at all times remain with copyright holders.
.
This formulation of W3C's notice and license became active on August 14 1998
so as to improve compatibility with GPL. This version ensures that W3C
software licensing terms are no more restrictive than GPL and consequently
W3C software may be distributed in GPL packages. See the older formulation
for the policy prior to this date. Please see our Copyright FAQ for common
questions about using materials from our site, including specific terms and
conditions for packages like libwww, Amaya, and Jigsaw. Other questions
about this notice can be directed to site-policy@w3.org.
View Git Blame Copy Permalink