diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..0223773
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/openscap-1.3.5.tar.gz
diff --git a/.openscap.metadata b/.openscap.metadata
new file mode 100644
index 0000000..38345b6
--- /dev/null
+++ b/.openscap.metadata
@@ -0,0 +1 @@
+77494383980082f8bc625a6e196a6760d30a5107 SOURCES/openscap-1.3.5.tar.gz
diff --git a/SOURCES/openscap-1.3.6-coverity-issues-pr-1748.patch b/SOURCES/openscap-1.3.6-coverity-issues-pr-1748.patch
new file mode 100644
index 0000000..9d5661a
--- /dev/null
+++ b/SOURCES/openscap-1.3.6-coverity-issues-pr-1748.patch
@@ -0,0 +1,52 @@
+From 378ef5e438a2f5af7a50374d2bd23bdd3403201f Mon Sep 17 00:00:00 2001
+From: Evgeny Kolesnikov <ekolesni@redhat.com>
+Date: Tue, 4 May 2021 08:41:06 +0200
+Subject: [PATCH] Fix covscan-reported issues in yamlfilecontent probe and
+ schematron
+
+Error: FORWARD_NULL (CWE-476): [#def1]
+/OVAL/probes/independent/yamlfilecontent_probe.c:392: var_compare_op: Comparing "yaml_file" to null implies that "yaml_file" might be null.
+/OVAL/probes/independent/yamlfilecontent_probe.c:417: var_deref_model: Passing null pointer "yaml_file" to "fclose", which dereferences it.
+# 416| cleanup:
+# 417|-> fclose(yaml_file);
+# 418| yaml_parser_delete(&parser);
+
+Error: RESOURCE_LEAK (CWE-772): [#def2] [important]
+/source/schematron.c:549: alloc_fn: Storage is returned from allocation function "xmlXPathNodeEval".
+/source/schematron.c:549: var_assign: Assigning: "component_refs" = storage returned from "xmlXPathNodeEval(data_stream_node, (xmlChar *)"ds:checklists/ds:component-ref", context)".
+/source/schematron.c:551: leaked_storage: Variable "component_refs" going out of scope leaks the storage it points to.
+# 550| if (component_refs == NULL || component_refs->nodesetval == NULL) {
+# 551|-> return res;
+# 552| }
+---
+ src/OVAL/probes/independent/yamlfilecontent_probe.c | 3 ++-
+ src/source/schematron.c | 2 ++
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/OVAL/probes/independent/yamlfilecontent_probe.c b/src/OVAL/probes/independent/yamlfilecontent_probe.c
+index ed5ce0d68..62a8f4ff2 100644
+--- a/src/OVAL/probes/independent/yamlfilecontent_probe.c
++++ b/src/OVAL/probes/independent/yamlfilecontent_probe.c
+@@ -414,7 +414,8 @@ static int process_yaml_file(const char *prefix, const char *path, const char *f
+ }
+
+ cleanup:
+- fclose(yaml_file);
++ if (yaml_file != NULL)
++ fclose(yaml_file);
+ yaml_parser_delete(&parser);
+ free(filepath_with_prefix);
+ free(filepath);
+diff --git a/src/source/schematron.c b/src/source/schematron.c
+index 6cb22658b..c32d5aed6 100644
+--- a/src/source/schematron.c
++++ b/src/source/schematron.c
+@@ -548,6 +548,8 @@ static bool _req_src_346_1_sub1(xmlNodePtr data_stream_node, xmlXPathContextPtr
+ /* every $m in ds:checklists/ds:component-ref satisfies ... */
+ xmlXPathObjectPtr component_refs = xmlXPathNodeEval(data_stream_node, BAD_CAST "ds:checklists/ds:component-ref", context);
+ if (component_refs == NULL || component_refs->nodesetval == NULL) {
++ if (component_refs != NULL)
++ xmlXPathFreeObject(component_refs);
+ return res;
+ }
+ for (int i = 0; i < component_refs->nodesetval->nodeNr; i++) {
diff --git a/SOURCES/openscap-1.3.6-coverity-issues-pr-1778.patch b/SOURCES/openscap-1.3.6-coverity-issues-pr-1778.patch
new file mode 100644
index 0000000..479b20c
--- /dev/null
+++ b/SOURCES/openscap-1.3.6-coverity-issues-pr-1778.patch
@@ -0,0 +1,248 @@
+From 6885a1caaad68f0844715cca90fd0d913e19aba5 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Thu, 1 Jul 2021 16:06:23 +0200
+Subject: [PATCH 1/9] Plug a memory leak
+
+Addressing:
+
+1. openscap-1.3.5/src/OVAL/probes/independent/system_info_probe.c:738:6: warning[unix.Malloc]: Potential leak of memory pointed to by 'hname'
+ 736| hname = strdup(unknown);
+ 737|
+ 738|-> if (__sysinfo_saneval(os_name) < 1 ||
+ 739| __sysinfo_saneval(os_version) < 1 ||
+ 740| __sysinfo_saneval(architecture) < 1 ||
+---
+ src/OVAL/probes/independent/system_info_probe.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/OVAL/probes/independent/system_info_probe.c b/src/OVAL/probes/independent/system_info_probe.c
+index 8251e655e..9f680e14d 100644
+--- a/src/OVAL/probes/independent/system_info_probe.c
++++ b/src/OVAL/probes/independent/system_info_probe.c
+@@ -732,8 +732,13 @@ int system_info_probe_main(probe_ctx *ctx, void *arg)
+ if (!architecture)
+ architecture = strdup(unknown);
+
+- if (!hname || *hname == '\0')
++ if (hname && *hname == '\0') {
++ free(hname);
++ hname = NULL;
++ }
++ if (!hname) {
+ hname = strdup(unknown);
++ }
+
+ if (__sysinfo_saneval(os_name) < 1 ||
+ __sysinfo_saneval(os_version) < 1 ||
+
+From a600fa5d034daa408d277f91ceefd29b5ab10213 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Thu, 1 Jul 2021 16:43:46 +0200
+Subject: [PATCH 2/9] Fix a possible NULL dereference
+
+Addressing:
+openscap-1.3.5/utils/oscap-tool.c:78:11: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'to'
+---
+ utils/oscap-tool.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/utils/oscap-tool.c b/utils/oscap-tool.c
+index 62c4cde0e..d37fbb0e5 100644
+--- a/utils/oscap-tool.c
++++ b/utils/oscap-tool.c
+@@ -73,7 +73,8 @@ static size_t paramlist_size(const char **p) { size_t s = 0; if (!p) return s; w
+
+ static size_t paramlist_cpy(const char **to, const char **p) {
+ size_t s = 0;
+- if (!p) return s;
++ if (!to || !p)
++ return s;
+ for (;p && p[s]; s += 2) to[s] = p[s], to[s+1] = p[s+1];
+ to[s] = p[s];
+ return s;
+
+From d7bb7e755b262424e5970f2bcc2d2af670f8ac63 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Thu, 1 Jul 2021 17:03:09 +0200
+Subject: [PATCH 3/9] Fix a possible NULL dereference
+
+Addressing:
+openscap-1.3.5/src/source/xslt.c:124:21: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'strdup(xsltfile)' where non-null expected
+---
+ src/source/xslt.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/source/xslt.c b/src/source/xslt.c
+index 0d01c535b..24c4c46e9 100644
+--- a/src/source/xslt.c
++++ b/src/source/xslt.c
+@@ -105,7 +105,7 @@ static inline int save_stylesheet_result_to_file(xmlDoc *resulting_doc, xsltStyl
+ static xmlDoc *apply_xslt_path_internal(struct oscap_source *source, const char *xsltfile, const char **params, const char *path_to_xslt, xsltStylesheet **stylesheet)
+ {
+ xmlDoc *doc = oscap_source_get_xmlDoc(source);
+- if (doc == NULL || stylesheet == NULL) {
++ if (doc == NULL || stylesheet == NULL || xsltfile == NULL) {
+ return NULL;
+ }
+
+
+From a51952f0bc66402c3b68783ee9deaf3b4ecd529e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Fri, 2 Jul 2021 10:12:31 +0200
+Subject: [PATCH 4/9] Fix possible NULL dereference
+
+Addressing:
+
+openscap-1.3.5/src/XCCDF/xccdf_session.c:1349:15: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'to'
+---
+ src/XCCDF/xccdf_session.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/XCCDF/xccdf_session.c b/src/XCCDF/xccdf_session.c
+index 9d8f42c44..10735214c 100644
+--- a/src/XCCDF/xccdf_session.c
++++ b/src/XCCDF/xccdf_session.c
+@@ -1344,7 +1344,8 @@ static size_t _paramlist_size(const char **p) { size_t s = 0; if (!p) return s;
+
+ static size_t _paramlist_cpy(const char **to, const char **p) {
+ size_t s = 0;
+- if (!p) return s;
++ if (!to || !p)
++ return s;
+ for (;p && p[s]; s += 2) to[s] = p[s], to[s+1] = p[s+1];
+ to[s] = p[s];
+ return s;
+
+From 2f0ad2e9a7bbd69ecad14b28de6e12d237bcbf9b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Fri, 2 Jul 2021 10:15:39 +0200
+Subject: [PATCH 5/9] Fix possible NULL dereference
+
+Addressing:
+openscap-1.3.5/src/OVAL/results/oval_cmp_evr_string.c:132:16: warning[-Wanalyzer-null-dereference]: dereference of NULL 's'
+---
+ src/OVAL/results/oval_cmp_evr_string.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/OVAL/results/oval_cmp_evr_string.c b/src/OVAL/results/oval_cmp_evr_string.c
+index 89e51729b..b195a73f7 100644
+--- a/src/OVAL/results/oval_cmp_evr_string.c
++++ b/src/OVAL/results/oval_cmp_evr_string.c
+@@ -128,6 +128,9 @@ static void parseEVR(char *evr, const char **ep, const char **vp, const char **r
+ const char *release;
+ char *s, *se;
+
++ if (!evr)
++ return;
++
+ s = evr;
+ while (*s && risdigit(*s)) s++; /* s points to epoch terminator */
+ se = strrchr(s, '-'); /* se points to version terminator */
+
+From fe351d432d25d48116ec077671c97f0a2d996c82 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Fri, 2 Jul 2021 10:26:03 +0200
+Subject: [PATCH 6/9] Fix possible NULL dereference
+
+openscap-1.3.5/src/OVAL/probes/unix/xinetd_probe.c:1492:56: warning[-Wanalyzer-null-dereference]: dereference of NULL 'valstr_array'
+---
+ src/OVAL/probes/unix/xinetd_probe.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/OVAL/probes/unix/xinetd_probe.c b/src/OVAL/probes/unix/xinetd_probe.c
+index 009fb4c4c..b3375500d 100644
+--- a/src/OVAL/probes/unix/xinetd_probe.c
++++ b/src/OVAL/probes/unix/xinetd_probe.c
+@@ -1483,6 +1483,10 @@ int op_remove_strl(void *var, char *val)
+ valstr_array[valstr_array_size-1] = tok;
+ valstr_array[valstr_array_size] = NULL;
+ }
++ if (valstr_array == NULL) {
++ free(newstr_array);
++ return -2;
++ }
+
+ // Remove the insersection from the string array
+ newstr_array_size = 0;
+
+From 0ae47d335db49f049ba5bad5ba69c3bdbb0a55bc Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Fri, 2 Jul 2021 10:52:28 +0200
+Subject: [PATCH 7/9] Fix possible NULL dereference
+
+The function oval_criteria_node_new can return NULL in multiple situations.
+
+Addressing:
+openscap-1.3.5/src/OVAL/oval_criteriaNode.c:390:28: warning[-Wanalyzer-null-dereference]: dereference of NULL 'node'
+---
+ src/OVAL/oval_criteriaNode.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/OVAL/oval_criteriaNode.c b/src/OVAL/oval_criteriaNode.c
+index de9081f9d..975a480a4 100644
+--- a/src/OVAL/oval_criteriaNode.c
++++ b/src/OVAL/oval_criteriaNode.c
+@@ -387,6 +387,11 @@ int oval_criteria_parse_tag(xmlTextReaderPtr reader, struct oval_parser_context
+ assert(context != NULL); /* This is not asserted as attribute, because we
+ can pass NULL pointer in case of OVAL_NODETYPE_UNKNOWN */
+ struct oval_criteria_node *node = oval_criteria_node_new(context->definition_model, type);
++ if (node == NULL) {
++ free(tagname);
++ free(namespace);
++ return 1;
++ }
+ node->type = type;
+ char *comm = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "comment");
+ if (comm != NULL) {
+
+From 832cba38133f59dc27b0e9f6d2d6eddb7604577a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Fri, 2 Jul 2021 11:02:51 +0200
+Subject: [PATCH 8/9] Fix possible NULL dereference
+
+Addressing:
+openscap-1.3.5/src/OVAL/oval_component.c:2371:83: warning[-Wanalyzer-null-dereference]: dereference of NULL 'vcl_root
+---
+ src/OVAL/oval_component.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/OVAL/oval_component.c b/src/OVAL/oval_component.c
+index 96788a471..95004bd80 100644
+--- a/src/OVAL/oval_component.c
++++ b/src/OVAL/oval_component.c
+@@ -2368,6 +2368,9 @@ static oval_syschar_collection_flag_t _oval_component_evaluate_ARITHMETIC(oval_a
+ }
+ oval_component_iterator_free(subcomps);
+
++ if (vcl_root == NULL) {
++ return SYSCHAR_FLAG_ERROR;
++ }
+ val_itr = (struct oval_value_iterator *) oval_collection_iterator(vcl_root->val_col);
+ while (oval_value_iterator_has_more(val_itr)) {
+ struct oval_value *ov;
+
+From 3fb63f51f45af8edf2b8044445bfc5cb7092b7a5 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Fri, 2 Jul 2021 11:10:03 +0200
+Subject: [PATCH 9/9] Fix possible NULL dereference
+
+Addressing:
+openscap-1.3.5/src/DS/rds_index.c:124:21: warning[-Wanalyzer-null-argument]: use of NULL 'id' where non-null expected
+---
+ src/DS/rds_index.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/DS/rds_index.c b/src/DS/rds_index.c
+index 374b55d64..cc0e2bbed 100644
+--- a/src/DS/rds_index.c
++++ b/src/DS/rds_index.c
+@@ -117,6 +117,9 @@ struct rds_asset_index* rds_index_get_asset(struct rds_index *rds, const char *i
+ {
+ struct rds_asset_index *ret = NULL;
+
++ if (id == NULL)
++ return ret;
++
+ struct rds_asset_index_iterator *it = rds_index_get_assets(rds);
+ while (rds_asset_index_iterator_has_more(it))
+ {
diff --git a/SOURCES/openscap-1.3.6-disable-sha1-md5-pr-1781.patch b/SOURCES/openscap-1.3.6-disable-sha1-md5-pr-1781.patch
new file mode 100644
index 0000000..30a84ae
--- /dev/null
+++ b/SOURCES/openscap-1.3.6-disable-sha1-md5-pr-1781.patch
@@ -0,0 +1,1954 @@
+From d687e50c61d3a06b99999942555803842f7c4526 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Thu, 15 Jul 2021 09:39:45 +0200
+Subject: [PATCH 1/5] Allow disablement of SHA-1 and MD5
+
+This patch adds 2 new CMake options `OPENSCAP_ENABLE_SHA1` and
+`OPENSCAP_ENABLE_MD5`. By setting these CMake options to `OFF` we can
+disable SHA-1 and MD5 hashing algorithm in OpenSCAP. If they are set to
+`OFF`, the code using SHA-1 and MD5 won't be built. Linux distributions
+that wish to disable SHA-1 and MD5 can use these CMake options in their
+spec files from now on.
+
+Conditional compilation using C preprocessor macros is used to achieve
+it. The approach with conditional compilation has been preferred over
+the hard removal of the code because future versions of OpenSCAP can get
+into currently stable Linux distributions where a removal would have to
+be reverted by a downstream patch to avoid feature regression.
+
+The consequence of disabling MD5 and SHA-1 is that filehash probe will
+not be built but filehash_test is a deprecated OVAL test. Second
+consequence is that people won't be able to use SHA-1 and MD5 in their
+filehash58_test. That means people will have to rewrite their SCAP
+content to use SHA-256 or SHA-512 in their filehash58_objects.
+
+Resolves: rhbz#1936619
+---
+ CMakeLists.txt | 7 +-
+ config.h.in | 3 +
+ src/OVAL/probes/crapi/digest.c | 8 ++
+ src/OVAL/probes/crapi/digest.h | 4 +
+ src/OVAL/probes/crapi/md5.c | 4 +
+ src/OVAL/probes/crapi/md5.h | 4 +
+ src/OVAL/probes/crapi/sha1.c | 4 +
+ src/OVAL/probes/crapi/sha1.h | 4 +
+ .../probes/independent/filehash58_probe.c | 8 ++
+ tests/API/crypt/test_api_crypt.sh | 34 ++++--
+ tests/API/crypt/test_crapi_digest.c | 101 +++++++-----------
+ tests/API/crypt/test_crapi_mdigest.c | 11 ++
+ tests/probes/filehash/CMakeLists.txt | 2 +-
+ .../filehash58/check_filehash_simple.xml | 6 +-
+ .../filehash58/test_probes_filehash58.sh | 4 +-
+ tests/test_common.sh.in | 3 +
+ 16 files changed, 130 insertions(+), 77 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index cc7b5e0059..9a15d591cf 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -251,11 +251,14 @@ if (WIN32)
+ endif()
+ cmake_dependent_option(ENABLE_PROBES_WINDOWS "build OVAL probes for the Windows OVAL tests" ${IS_WIN32} "ENABLE_PROBES" OFF)
+
++option(OPENSCAP_ENABLE_SHA1 "Enable using the SHA-1 algorithm" ON)
++option(OPENSCAP_ENABLE_MD5 "Enable using the MD5 algorithm" ON)
++
+ # INDEPENDENT PROBES
+ cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_ENVIRONMENTVARIABLE "Independent environmentvariable probe" ON "ENABLE_PROBES_INDEPENDENT; NOT WIN32" OFF)
+ cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_ENVIRONMENTVARIABLE58 "Independent environmentvariable58 probe" ON "ENABLE_PROBES_INDEPENDENT; NOT WIN32" OFF)
+ cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_FAMILY "Independent family probe" ON "ENABLE_PROBES_INDEPENDENT" OFF)
+-cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_FILEHASH "Independent filehash probe" ON "ENABLE_PROBES_INDEPENDENT; CRYPTO_FOUND; NOT WIN32" OFF)
++cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_FILEHASH "Independent filehash probe" ON "ENABLE_PROBES_INDEPENDENT; CRYPTO_FOUND; OPENSCAP_ENABLE_SHA1; OPENSCAP_ENABLE_MD5; NOT WIN32" OFF)
+ cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_FILEHASH58 "Independent filehash58 probe" ON "ENABLE_PROBES_INDEPENDENT; CRYPTO_FOUND; NOT WIN32" OFF)
+ cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_SQL "Independent sql probe" ON "ENABLE_PROBES_INDEPENDENT; OPENDBX_FOUND; NOT WIN32" OFF)
+ cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_SQL57 "Independent sql57 probe" ON "ENABLE_PROBES_INDEPENDENT; OPENDBX_FOUND; NOT WIN32" OFF)
+@@ -371,6 +374,8 @@ message(STATUS " ")
+ message(STATUS "OVAL:")
+ message(STATUS "base probe support: ${ENABLE_PROBES}")
+ message(STATUS "SEAP msgid bit-size: ${SEAP_MSGID_BITS}")
++message(STATUS "SHA-1: ${OPENSCAP_ENABLE_SHA1}")
++message(STATUS "MD5: ${OPENSCAP_ENABLE_MD5}")
+
+ message(STATUS "")
+ message(STATUS "Independent probes: ${ENABLE_PROBES_INDEPENDENT}")
+diff --git a/config.h.in b/config.h.in
+index 7fdbb0a752..1b72855822 100644
+--- a/config.h.in
++++ b/config.h.in
+@@ -133,6 +133,9 @@
+ #cmakedefine PYTHON2_PATH "@PYTHON2_PATH@"
+ #cmakedefine PYTHON3_PATH "@PYTHON3_PATH@"
+
++#cmakedefine OPENSCAP_ENABLE_SHA1
++#cmakedefine OPENSCAP_ENABLE_MD5
++
+ #include "oscap_platforms.h"
+ #include "compat.h"
+
+diff --git a/src/OVAL/probes/crapi/digest.c b/src/OVAL/probes/crapi/digest.c
+index c76963f8c4..fdd361813e 100644
+--- a/src/OVAL/probes/crapi/digest.c
++++ b/src/OVAL/probes/crapi/digest.c
+@@ -51,10 +51,14 @@ int crapi_digest_fd (int fd, crapi_alg_t alg, void *dst, size_t *size)
+ }
+
+ switch (alg) {
++#ifdef OPENSCAP_ENABLE_MD5
+ case CRAPI_DIGEST_MD5:
+ return crapi_md5_fd (fd, dst, size);
++#endif
++#ifdef OPENSCAP_ENABLE_SHA1
+ case CRAPI_DIGEST_SHA1:
+ return crapi_sha1_fd (fd, dst, size);
++#endif
+ case CRAPI_DIGEST_SHA224:
+ return crapi_sha224_fd (fd, dst, size);
+ case CRAPI_DIGEST_SHA256:
+@@ -100,18 +104,22 @@ int crapi_mdigest_fd (int fd, int num, ... /* crapi_alg_t alg, void *dst, size_t
+ size = va_arg (ap, size_t *);
+
+ switch (alg) {
++#ifdef OPENSCAP_ENABLE_MD5
+ case CRAPI_DIGEST_MD5:
+ ctbl[i].init = &crapi_md5_init;
+ ctbl[i].update = &crapi_md5_update;
+ ctbl[i].fini = &crapi_md5_fini;
+ ctbl[i].free = &crapi_md5_free;
+ break;
++#endif
++#ifdef OPENSCAP_ENABLE_SHA1
+ case CRAPI_DIGEST_SHA1:
+ ctbl[i].init = &crapi_sha1_init;
+ ctbl[i].update = &crapi_sha1_update;
+ ctbl[i].fini = &crapi_sha1_fini;
+ ctbl[i].free = &crapi_sha1_free;
+ break;
++#endif
+ case CRAPI_DIGEST_SHA224:
+ ctbl[i].init = &crapi_sha224_init;
+ ctbl[i].update = &crapi_sha224_update;
+diff --git a/src/OVAL/probes/crapi/digest.h b/src/OVAL/probes/crapi/digest.h
+index 1ffd4ebb9d..3de55e4f94 100644
+--- a/src/OVAL/probes/crapi/digest.h
++++ b/src/OVAL/probes/crapi/digest.h
+@@ -27,8 +27,12 @@
+ #include <stddef.h>
+
+ typedef enum {
++#ifdef OPENSCAP_ENABLE_MD5
+ CRAPI_DIGEST_MD5 = 0x01,
++#endif
++#ifdef OPENSCAP_ENABLE_SHA1
+ CRAPI_DIGEST_SHA1 = 0x02,
++#endif
+ CRAPI_DIGEST_SHA256 = 0x04,
+ CRAPI_DIGEST_SHA512 = 0x08,
+ CRAPI_DIGEST_RMD160 = 0x10,
+diff --git a/src/OVAL/probes/crapi/md5.c b/src/OVAL/probes/crapi/md5.c
+index 688165e3b2..8fc32af027 100644
+--- a/src/OVAL/probes/crapi/md5.c
++++ b/src/OVAL/probes/crapi/md5.c
+@@ -33,6 +33,8 @@
+ #include "crapi.h"
+ #include "md5.h"
+
++#ifdef OPENSCAP_ENABLE_MD5
++
+ #if defined(HAVE_NSS3)
+ #include <sechash.h>
+
+@@ -230,3 +232,5 @@ int crapi_md5_fd (int fd, void *dst, size_t *size)
+ }
+ return (0);
+ }
++
++#endif /* OPENSCAP_ENABLE_MD5 */
+diff --git a/src/OVAL/probes/crapi/md5.h b/src/OVAL/probes/crapi/md5.h
+index 6adf14a87b..15e82bb671 100644
+--- a/src/OVAL/probes/crapi/md5.h
++++ b/src/OVAL/probes/crapi/md5.h
+@@ -25,6 +25,8 @@
+
+ #include <stddef.h>
+
++#ifdef OPENSCAP_ENABLE_MD5
++
+ void *crapi_md5_init (void *dst, void *size);
+ int crapi_md5_update (void *ctxp, void *bptr, size_t blen);
+ int crapi_md5_fini (void *ctxp);
+@@ -32,4 +34,6 @@ void crapi_md5_free (void *ctxp);
+
+ int crapi_md5_fd (int fd, void *dst, size_t *size);
+
++#endif /* OPENSCAP_ENABLE_MD5 */
++
+ #endif /* CRAPI_MD5_H */
+diff --git a/src/OVAL/probes/crapi/sha1.c b/src/OVAL/probes/crapi/sha1.c
+index aee7916510..9a757d0274 100644
+--- a/src/OVAL/probes/crapi/sha1.c
++++ b/src/OVAL/probes/crapi/sha1.c
+@@ -33,6 +33,8 @@
+ #include "crapi.h"
+ #include "sha1.h"
+
++#ifdef OPENSCAP_ENABLE_SHA1
++
+ #if defined(HAVE_NSS3)
+ #include <sechash.h>
+
+@@ -226,3 +228,5 @@ int crapi_sha1_fd (int fd, void *dst, size_t *size)
+
+ return (0);
+ }
++
++#endif /* OPENSCAP_ENABLE_SHA1 */
+diff --git a/src/OVAL/probes/crapi/sha1.h b/src/OVAL/probes/crapi/sha1.h
+index 5c31c7ce92..282046c6a9 100644
+--- a/src/OVAL/probes/crapi/sha1.h
++++ b/src/OVAL/probes/crapi/sha1.h
+@@ -25,6 +25,8 @@
+
+ #include <stddef.h>
+
++#ifdef OPENSCAP_ENABLE_SHA1
++
+ void *crapi_sha1_init (void *dst, void *size);
+ int crapi_sha1_update (void *ctxp, void *bptr, size_t blen);
+ int crapi_sha1_fini (void *ctxp);
+@@ -32,4 +34,6 @@ void crapi_sha1_free (void *ctxp);
+
+ int crapi_sha1_fd (int fd, void *dst, size_t *size);
+
++#endif /* OPENSCAP_ENABLE_SHA1 */
++
+ #endif /* CRAPI_SHA1_H */
+diff --git a/src/OVAL/probes/independent/filehash58_probe.c b/src/OVAL/probes/independent/filehash58_probe.c
+index ff1e065746..895d8f92f4 100644
+--- a/src/OVAL/probes/independent/filehash58_probe.c
++++ b/src/OVAL/probes/independent/filehash58_probe.c
+@@ -60,8 +60,12 @@
+ #define CRAPI_INVALID -1
+
+ static const struct oscap_string_map CRAPI_ALG_MAP[] = {
++#ifdef OPENSCAP_ENABLE_MD5
+ {CRAPI_DIGEST_MD5, "MD5"},
++#endif
++#ifdef OPENSCAP_ENABLE_SHA1
+ {CRAPI_DIGEST_SHA1, "SHA-1"},
++#endif
+ {CRAPI_DIGEST_SHA224, "SHA-224"},
+ {CRAPI_DIGEST_SHA256, "SHA-256"},
+ {CRAPI_DIGEST_SHA384, "SHA-384"},
+@@ -71,8 +75,12 @@ static const struct oscap_string_map CRAPI_ALG_MAP[] = {
+ };
+
+ static const struct oscap_string_map CRAPI_ALG_MAP_SIZE[] = {
++#ifdef OPENSCAP_ENABLE_MD5
+ {16, "MD5"},
++#endif
++#ifdef OPENSCAP_ENABLE_SHA1
+ {20, "SHA-1"},
++#endif
+ {28, "SHA-224"},
+ {32, "SHA-256"},
+ {48, "SHA-384"},
+diff --git a/tests/API/crypt/test_api_crypt.sh b/tests/API/crypt/test_api_crypt.sh
+index e5e9d361f0..937f7eaf91 100755
+--- a/tests/API/crypt/test_api_crypt.sh
++++ b/tests/API/crypt/test_api_crypt.sh
+@@ -21,9 +21,8 @@ function test_crapi_digest {
+ local TEMPDIR="$(make_temp_dir /tmp tmp)"
+
+ local ret_val=0;
+- local sum_md5="";
+- local sum_sha1="";
+- local sum_sha256="";
++ local sum=""
++ local algo="$1"
+
+ dd if=/dev/urandom of="${TEMPDIR}/a" count=1 bs=1k || return 2
+ dd if=/dev/urandom of="${TEMPDIR}/b" count=123 bs=1 || return 2
+@@ -33,16 +32,21 @@ function test_crapi_digest {
+ dd if=/dev/urandom of="${TEMPDIR}/f" count=312 bs=1 || return 2
+
+ for file in a b c d e f; do
+- sum_md5=$((md5sum "${TEMPDIR}/${file}" || openssl md5 "${TEMPDIR}/${file}") | sed -n 's|^.*\([0-9a-f]\{32\}\).*$|\1|p')
+- sum_sha1=$((sha1sum "${TEMPDIR}/${file}" || openssl sha1 "${TEMPDIR}/${file}") | sed -n 's|^.*\([0-9a-f]\{40\}\).*$|\1|p')
+- sum_sha256=$((sha256sum "${TEMPDIR}/${file}" || openssl sha256 "${TEMPDIR}/${file}") | sed -n 's|^.*\([0-9a-f]\{64\}\).*$|\1|p')
++ if [[ "$algo" == "md5" ]] ; then
++ sum=$((md5sum "${TEMPDIR}/${file}" || openssl md5 "${TEMPDIR}/${file}") | sed -n 's|^.*\([0-9a-f]\{32\}\).*$|\1|p')
++ elif [[ "$algo" == "sha1" ]] ; then
++ sum=$((sha1sum "${TEMPDIR}/${file}" || openssl sha1 "${TEMPDIR}/${file}") | sed -n 's|^.*\([0-9a-f]\{40\}\).*$|\1|p')
++ elif [[ "$algo" == "sha256" ]] ; then
++ sum=$((sha256sum "${TEMPDIR}/${file}" || openssl sha256 "${TEMPDIR}/${file}") | sed -n 's|^.*\([0-9a-f]\{64\}\).*$|\1|p')
++ else
++ return 2
++ fi
+
+- if [[ "$sum_md5" == "" || "$sum_sha1" == "" || "$sum_sha256" == "" ]]; then
++ if [[ "$sum" == "" ]]; then
+ return 2
+ fi
+
+- ./test_crapi_digest "${TEMPDIR}/${file}" "$sum_md5" "$sum_sha1" "$sum_sha256" || return 1
+- #echo "$file: ret $?, 5: $sum_md5, 1: $sum_sha1, $sum_sha256"
++ ./test_crapi_digest "${TEMPDIR}/${file}" "$sum" "$algo" || return 1
+ done
+
+ rm -rf "$TEMPDIR"
+@@ -88,8 +92,16 @@ function test_crapi_mdigest {
+ test_init
+
+ if [ -z ${CUSTOM_OSCAP+x} ] ; then
+- test_run "test_crapi_digest" test_crapi_digest
+- test_run "test_crapi_mdigest" test_crapi_mdigest
++ if [[ "$OPENSCAP_ENABLE_MD5" == "ON" ]] ; then
++ test_run "test_crapi_digest_md5" test_crapi_digest md5
++ fi
++ if [[ "$OPENSCAP_ENABLE_SHA1" == "ON" ]] ; then
++ test_run "test_crapi_digest_sha1" test_crapi_digest sha1
++ fi
++ test_run "test_crapi_digest_sha256" test_crapi_digest sha256
++ if [[ "$OPENSCAP_ENABLE_MD5" == "ON" && "$OPENSCAP_ENABLE_SHA1" == "ON" ]] ; then
++ test_run "test_crapi_mdigest" test_crapi_mdigest
++ fi
+ fi
+
+ test_exit
+diff --git a/tests/API/crypt/test_crapi_digest.c b/tests/API/crypt/test_crapi_digest.c
+index 41ef8fbaa5..e0ccf5b2a2 100644
+--- a/tests/API/crypt/test_crapi_digest.c
++++ b/tests/API/crypt/test_crapi_digest.c
+@@ -58,88 +58,69 @@ static int mem2hex (uint8_t *mem, size_t mlen, char *str, size_t slen)
+
+ int main (int argc, char *argv[])
+ {
+- uint8_t md5_dst[16];
+- size_t md5_dstlen = sizeof md5_dst;
+-
+- uint8_t sha1_dst[20];
+- size_t sha1_dstlen = sizeof sha1_dst;
+-
+- uint8_t sha256_dst[32];
+- size_t sha256_dstlen = sizeof sha256_dst;
+-
+- char *orig_md5sum, comp_md5sum[(sizeof md5_dst * 2) + 1];
+- char *orig_sha1sum, comp_sha1sum[(sizeof sha1_dst * 2) + 1];
+- char *orig_sha256sum, comp_sha256sum[(sizeof sha256_dst * 2) + 1];
+- char *filename;
+- int fd;
+-
+- if (argc != 5) {
+- fprintf (stderr, "Usage: %s <file> <md5sum> <sha1sum> <sha256sum>\n", argv[0]);
++ if (argc != 4) {
++ fprintf (stderr, "Usage: %s <file> <checksum> <algorithm>\n", argv[0]);
+ return (1);
+ }
+
+- filename = argv[1];
+- orig_md5sum = argv[2];
+- orig_sha1sum = argv[3];
+- orig_sha256sum = argv[4];
+-
+- if (crapi_init (NULL) != 0) {
+- fprintf (stderr, "crapi_init() != 0\n");
+- abort ();
+- }
+-
+- fd = open (filename, O_RDONLY);
+-
+- if (fd < 0) {
+- perror ("open");
+- return (2);
+- }
++ char *filename = argv[1];
++ char *orig_sum = argv[2];
++ char *algorithm_str = argv[3];
+
+- if (crapi_digest_fd (fd, CRAPI_DIGEST_MD5, &md5_dst, &md5_dstlen) != 0) {
+- fprintf (stderr, "crapi_digest() != 0\n");
+- abort ();
+- }
++ crapi_alg_t algorithm;
++ size_t dstlen = 0;
+
+- mem2hex (md5_dst, md5_dstlen, comp_md5sum, sizeof comp_md5sum);
++ if (!strcmp(algorithm_str, "md5")) {
++#ifdef OPENSCAP_ENABLE_MD5
++ algorithm = CRAPI_DIGEST_MD5;
++ dstlen = 16;
++#else
++ return 1;
++#endif
++ } else if (!strcmp(algorithm_str, "sha1")) {
++#ifdef OPENSCAP_ENABLE_SHA1
++ algorithm = CRAPI_DIGEST_SHA1;
++ dstlen = 20;
++#else
++ return 1;
++#endif
++ } else if (!strcmp(algorithm_str, "sha256")) {
++ algorithm = CRAPI_DIGEST_SHA256;
++ dstlen = 32;
++ } else {
++ return 1;
++ }
+
+- if (strcmp (orig_md5sum, comp_md5sum) != 0) {
+- fprintf (stderr, "crapi_digest::MD5(%s) != %s (== %s)\n", filename, orig_md5sum, comp_md5sum);
+- abort ();
+- }
++ int fd = open(filename, O_RDONLY);
+
+- if (lseek (fd, 0, SEEK_SET) == (off_t)-1) {
+- perror ("lseek");
++ if (fd < 0) {
++ perror ("open");
+ return (2);
+ }
+
+- if (crapi_digest_fd (fd, CRAPI_DIGEST_SHA1, &sha1_dst, &sha1_dstlen) != 0) {
+- fprintf (stderr, "crapi_digest() != 0\n");
++ if (crapi_init (NULL) != 0) {
++ fprintf (stderr, "crapi_init() != 0\n");
+ abort ();
+ }
+
+- mem2hex (sha1_dst, sha1_dstlen, comp_sha1sum, sizeof comp_sha1sum);
+-
+- if (strcmp (orig_sha1sum, comp_sha1sum) != 0) {
+- fprintf (stderr, "crapi_digest::SHA1(%s) != %s (== %s)\n", filename, orig_sha1sum, comp_sha1sum);
+- abort ();
+- }
++ uint8_t *dst = malloc(dstlen);
+
+- if (lseek (fd, 0, SEEK_SET) == (off_t)-1) {
+- perror ("lseek");
+- return (2);
+- }
++ size_t comp_sum_len = (dstlen * 2) + 1;
++ char *comp_sum = malloc(comp_sum_len);
+
+- if (crapi_digest_fd (fd, CRAPI_DIGEST_SHA256, &sha256_dst, &sha256_dstlen) != 0) {
++ if (crapi_digest_fd(fd, algorithm, dst, &dstlen) != 0) {
+ fprintf (stderr, "crapi_digest() != 0\n");
+ abort ();
+ }
+
+- mem2hex (sha256_dst, sha256_dstlen, comp_sha256sum, sizeof comp_sha256sum);
++ mem2hex (dst, dstlen, comp_sum, comp_sum_len);
+
+- if (strcmp (orig_sha256sum, comp_sha256sum) != 0) {
+- fprintf (stderr, "crapi_digest::SHA256(%s) != %s (== %s)\n", filename, orig_sha256sum, comp_sha256sum);
++ if (strcmp(orig_sum, comp_sum) != 0) {
++ fprintf (stderr, "crapi_digest::%s(%s) != %s (== %s)\n", algorithm_str, filename, orig_sum, comp_sum);
+ abort ();
+ }
++ free(dst);
++ free(comp_sum);
+
+ close (fd);
+
+diff --git a/tests/API/crypt/test_crapi_mdigest.c b/tests/API/crypt/test_crapi_mdigest.c
+index 9c5d31dfb3..200a2bbd9e 100644
+--- a/tests/API/crypt/test_crapi_mdigest.c
++++ b/tests/API/crypt/test_crapi_mdigest.c
+@@ -24,6 +24,8 @@
+ #include <config.h>
+ #endif
+
++#if (defined OPENSCAP_ENABLE_MD5 && defined OPENSCAP_ENABLE_SHA1)
++
+ #include <stdio.h>
+ #include <stdint.h>
+ #include <stdlib.h>
+@@ -127,3 +129,12 @@ int main (int argc, char *argv[])
+
+ return (0);
+ }
++
++#else
++
++int main (int argc, char *argv[])
++{
++ return 1;
++}
++
++#endif
+diff --git a/tests/probes/filehash/CMakeLists.txt b/tests/probes/filehash/CMakeLists.txt
+index e9d579c44c..cd04df4f30 100644
+--- a/tests/probes/filehash/CMakeLists.txt
++++ b/tests/probes/filehash/CMakeLists.txt
+@@ -1,3 +1,3 @@
+-if(ENABLE_PROBES_INDEPENDENT)
++if(OPENSCAP_PROBE_INDEPENDENT_FILEHASH)
+ add_oscap_test("test_probes_filehash.sh")
+ endif()
+diff --git a/tests/probes/filehash58/check_filehash_simple.xml b/tests/probes/filehash58/check_filehash_simple.xml
+index 2f6fa877e6..33e6343c73 100644
+--- a/tests/probes/filehash58/check_filehash_simple.xml
++++ b/tests/probes/filehash58/check_filehash_simple.xml
+@@ -28,13 +28,13 @@
+ <ns0:objects>
+ <ns3:filehash58_object id="oval:ssg-concerned_file:obj:1" version="1">
+ <ns3:filepath>/oval-test</ns3:filepath>
+- <ns3:hash_type>SHA-1</ns3:hash_type>
++ <ns3:hash_type>SHA-256</ns3:hash_type>
+ </ns3:filehash58_object>
+ </ns0:objects>
+ <ns0:states>
+ <ns3:filehash58_state id="oval:ssg-hash_value:ste:1" version="1">
+- <ns3:hash_type>SHA-1</ns3:hash_type>
+- <ns3:hash>f1d2d2f924e986ac86fdf7b36c94bcdf32beec15</ns3:hash>
++ <ns3:hash_type>SHA-256</ns3:hash_type>
++ <ns3:hash>b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c</ns3:hash>
+ </ns3:filehash58_state>
+ </ns0:states>
+ </ns0:oval_definitions>
+diff --git a/tests/probes/filehash58/test_probes_filehash58.sh b/tests/probes/filehash58/test_probes_filehash58.sh
+index 5d9c513f29..06ee64446d 100755
+--- a/tests/probes/filehash58/test_probes_filehash58.sh
++++ b/tests/probes/filehash58/test_probes_filehash58.sh
+@@ -96,7 +96,9 @@ function test_probes_filehash58_chroot_fail {
+
+ test_init
+
+-test_run "test_probes_filehash58" test_probes_filehash58
++if [[ "$OPENSCAP_ENABLE_MD5" == "ON" && "$OPENSCAP_ENABLE_SHA1" == "ON" ]] ; then
++ test_run "test_probes_filehash58" test_probes_filehash58
++fi
+
+ test_run "test_probes_filehash58_chroot_fail" test_probes_filehash58_chroot_fail
+
+diff --git a/tests/test_common.sh.in b/tests/test_common.sh.in
+index b562855271..ef3675c1bf 100755
+--- a/tests/test_common.sh.in
++++ b/tests/test_common.sh.in
+@@ -329,3 +329,6 @@ die() {
+ }
+
+ export -f assert_exists
++
++export OPENSCAP_ENABLE_MD5="@OPENSCAP_ENABLE_MD5@"
++export OPENSCAP_ENABLE_SHA1="@OPENSCAP_ENABLE_SHA1@"
+
+From d7a800d3c9ffae2062a81e656e6013b8021b3d16 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Thu, 15 Jul 2021 13:30:28 +0200
+Subject: [PATCH 2/5] Another test for filehash58 probe
+
+It renames the existing test case and also creates a new test case which
+is almost identical with the existing test case but it uses different
+hashing algorithms in the filehash58_test. The reason for creating it
+is that the existing test case uses the SHA-1 and MD5 alorithms. But we
+introduced CMake options OPENSCAP_ENABLE_SHA1 and OPENSCAP_ENABLE_MD5
+which allow to not build support for these algorithms. If OpenSCAP will
+be built with these options the existing tests would be disabled and we
+wouldn't test the filehash58 probe. We can expect that some downstreams
+will turn the options OFF so they need an alternative test instead.
+---
+ .../filehash58/test_probes_filehash58.sh | 40 +-
+ .../test_probes_filehash58_new_algos.xml.sh | 1064 +++++++++++++++++
+ ...> test_probes_filehash58_old_algos.xml.sh} | 0
+ 3 files changed, 1099 insertions(+), 5 deletions(-)
+ create mode 100644 tests/probes/filehash58/test_probes_filehash58_new_algos.xml.sh
+ rename tests/probes/filehash58/{test_probes_filehash58.xml.sh => test_probes_filehash58_old_algos.xml.sh} (100%)
+
+diff --git a/tests/probes/filehash58/test_probes_filehash58.sh b/tests/probes/filehash58/test_probes_filehash58.sh
+index 06ee64446d..459654546a 100755
+--- a/tests/probes/filehash58/test_probes_filehash58.sh
++++ b/tests/probes/filehash58/test_probes_filehash58.sh
+@@ -16,19 +16,19 @@
+
+ # Test Cases.
+
+-function test_probes_filehash58 {
++function test_probes_filehash58_old_algos {
+
+ probecheck "filehash58" || return 255
+ require "md5sum" || return 255
+ require "sha1sum" || return 255
+
+ local ret_val=0;
+- local DF="test_probes_filehash58.xml"
++ local DF="test_probes_filehash58_old_algos.xml"
+ local RF="results.xml"
+
+ [ -f $RF ] && rm -f $RF
+
+- bash ${srcdir}/test_probes_filehash58.xml.sh > $DF
++ bash ${srcdir}/test_probes_filehash58_old_algos.xml.sh > $DF
+ $OSCAP oval eval --results $RF $DF
+
+ if [ -f $RF ]; then
+@@ -38,7 +38,35 @@ function test_probes_filehash58 {
+ ret_val=1
+ fi
+
+- # The file was created as a side-effect of test_probes_filehash58.xml.sh
++ # The file was created as a side-effect of test_probes_filehash58_old_algos.xml.sh
++ [ $ret_val -eq 0 ] && rm -f /tmp/test_probes_filehash58.tmp
++
++ return $ret_val
++}
++
++function test_probes_filehash58_new_algos {
++
++ probecheck "filehash58" || return 255
++ require "sha256sum" || return 255
++ require "sha512sum" || return 255
++
++ local ret_val=0
++ local DF="test_probes_filehash58_new_algos.xml"
++ local RF="results.xml"
++
++ [ -f $RF ] && rm -f $RF
++
++ bash ${srcdir}/test_probes_filehash58_new_algos.xml.sh > $DF
++ $OSCAP oval eval --results $RF $DF
++
++ if [ -f $RF ]; then
++ verify_results "def" $DF $RF 13 && verify_results "tst" $DF $RF 120
++ ret_val=$?
++ else
++ ret_val=1
++ fi
++
++ # The file was created as a side-effect of test_probes_filehash58_new_algos.xml.sh
+ [ $ret_val -eq 0 ] && rm -f /tmp/test_probes_filehash58.tmp
+
+ return $ret_val
+@@ -97,9 +125,11 @@ function test_probes_filehash58_chroot_fail {
+ test_init
+
+ if [[ "$OPENSCAP_ENABLE_MD5" == "ON" && "$OPENSCAP_ENABLE_SHA1" == "ON" ]] ; then
+- test_run "test_probes_filehash58" test_probes_filehash58
++ test_run "test_probes_filehash58_old_algos" test_probes_filehash58_old_algos
+ fi
+
++test_run "test_probes_filehash58_new_algos" test_probes_filehash58_new_algos
++
+ test_run "test_probes_filehash58_chroot_fail" test_probes_filehash58_chroot_fail
+
+ test_run "test_probes_filehash58_chroot_pass" test_probes_filehash58_chroot_pass
+diff --git a/tests/probes/filehash58/test_probes_filehash58_new_algos.xml.sh b/tests/probes/filehash58/test_probes_filehash58_new_algos.xml.sh
+new file mode 100644
+index 0000000000..d120a0d114
+--- /dev/null
++++ b/tests/probes/filehash58/test_probes_filehash58_new_algos.xml.sh
+@@ -0,0 +1,1064 @@
++#!/usr/bin/env bash
++
++echo "Test Probes: FILEHASH test" > /tmp/test_probes_filehash58.tmp
++
++cat <<EOF
++<?xml version="1.0"?>
++<oval_definitions xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:lin-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd">
++
++ <generator>
++ <oval:product_name>filehash58</oval:product_name>
++ <oval:product_version>1.0</oval:product_version>
++ <oval:schema_version>5.11</oval:schema_version>
++ <oval:timestamp>2011-07-14T00:00:00-00:00</oval:timestamp>
++ </generator>
++
++ <definitions>
++
++ <definition class="compliance" version="1" id="oval:1:def:1"> <!-- comment="false" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="AND">
++ <criterion test_ref="oval:1:tst:1"/>
++ <criterion test_ref="oval:1:tst:2"/>
++ <criterion test_ref="oval:1:tst:3"/>
++ <criterion test_ref="oval:1:tst:4"/>
++ <criterion test_ref="oval:1:tst:5"/>
++ <criterion test_ref="oval:1:tst:6"/>
++ <criterion test_ref="oval:1:tst:7"/>
++ <criterion test_ref="oval:1:tst:8"/>
++ <criterion test_ref="oval:1:tst:9"/>
++ <criterion test_ref="oval:1:tst:10"/>
++ <criterion test_ref="oval:1:tst:11"/>
++ <criterion test_ref="oval:1:tst:12"/>
++ <criterion test_ref="oval:1:tst:13"/>
++ <criterion test_ref="oval:1:tst:14"/>
++ <criterion test_ref="oval:1:tst:15"/>
++ <criterion test_ref="oval:1:tst:16"/>
++ <criterion test_ref="oval:1:tst:17"/>
++ <criterion test_ref="oval:1:tst:18"/>
++ <criterion test_ref="oval:1:tst:19"/>
++ <criterion test_ref="oval:1:tst:20"/>
++ <criterion test_ref="oval:1:tst:21"/>
++ <criterion test_ref="oval:1:tst:22"/>
++ <criterion test_ref="oval:1:tst:23"/>
++ <criterion test_ref="oval:1:tst:24"/>
++ <criterion test_ref="oval:1:tst:25"/>
++ <criterion test_ref="oval:1:tst:26"/>
++ <criterion test_ref="oval:1:tst:27"/>
++ <criterion test_ref="oval:1:tst:28"/>
++ <criterion test_ref="oval:1:tst:29"/>
++ <criterion test_ref="oval:1:tst:30"/>
++ <criterion test_ref="oval:1:tst:31"/>
++ <criterion test_ref="oval:1:tst:32"/>
++ <criterion test_ref="oval:1:tst:33"/>
++ <criterion test_ref="oval:1:tst:34"/>
++ <criterion test_ref="oval:1:tst:35"/>
++ <criterion test_ref="oval:1:tst:36"/>
++ <criterion test_ref="oval:1:tst:37"/>
++ <criterion test_ref="oval:1:tst:38"/>
++ <criterion test_ref="oval:1:tst:39"/>
++ <criterion test_ref="oval:1:tst:40"/>
++ <criterion test_ref="oval:1:tst:41"/>
++ <criterion test_ref="oval:1:tst:42"/>
++ <criterion test_ref="oval:1:tst:43"/>
++ <criterion test_ref="oval:1:tst:44"/>
++ <criterion test_ref="oval:1:tst:45"/>
++ <criterion test_ref="oval:1:tst:46"/>
++ <criterion test_ref="oval:1:tst:47"/>
++ <criterion test_ref="oval:1:tst:48"/>
++ <criterion test_ref="oval:1:tst:49"/>
++ <criterion test_ref="oval:1:tst:50"/>
++ <criterion test_ref="oval:1:tst:51"/>
++ <criterion test_ref="oval:1:tst:52"/>
++ <criterion test_ref="oval:1:tst:53"/>
++ <criterion test_ref="oval:1:tst:54"/>
++ <criterion test_ref="oval:1:tst:55"/>
++ <criterion test_ref="oval:1:tst:56"/>
++ <criterion test_ref="oval:1:tst:57"/>
++ <criterion test_ref="oval:1:tst:58"/>
++ <criterion test_ref="oval:1:tst:59"/>
++ <criterion test_ref="oval:1:tst:60"/>
++ <criterion test_ref="oval:1:tst:61"/>
++ <criterion test_ref="oval:1:tst:62"/>
++ <criterion test_ref="oval:1:tst:63"/>
++ <criterion test_ref="oval:1:tst:64"/>
++ <criterion test_ref="oval:1:tst:65"/>
++ <criterion test_ref="oval:1:tst:66"/>
++ <criterion test_ref="oval:1:tst:67"/>
++ <criterion test_ref="oval:1:tst:68"/>
++ <criterion test_ref="oval:1:tst:69"/>
++ <criterion test_ref="oval:1:tst:70"/>
++ <criterion test_ref="oval:1:tst:71"/>
++ <criterion test_ref="oval:1:tst:72"/>
++ <criterion test_ref="oval:1:tst:73"/>
++ <criterion test_ref="oval:1:tst:74"/>
++ <criterion test_ref="oval:1:tst:75"/>
++ <criterion test_ref="oval:1:tst:76"/>
++ <criterion test_ref="oval:1:tst:77"/>
++ <criterion test_ref="oval:1:tst:78"/>
++ <criterion test_ref="oval:1:tst:79"/>
++ <criterion test_ref="oval:1:tst:80"/>
++ <criterion test_ref="oval:1:tst:81"/>
++ <criterion test_ref="oval:1:tst:82"/>
++ <criterion test_ref="oval:1:tst:83"/>
++ <criterion test_ref="oval:1:tst:84"/>
++ <criterion test_ref="oval:1:tst:85"/>
++ <criterion test_ref="oval:1:tst:86"/>
++ <criterion test_ref="oval:1:tst:87"/>
++ <criterion test_ref="oval:1:tst:88"/>
++ <criterion test_ref="oval:1:tst:89"/>
++ <criterion test_ref="oval:1:tst:90"/>
++ <criterion test_ref="oval:1:tst:91"/>
++ <criterion test_ref="oval:1:tst:92"/>
++ <criterion test_ref="oval:1:tst:93"/>
++ <criterion test_ref="oval:1:tst:94"/>
++ <criterion test_ref="oval:1:tst:95"/>
++ <criterion test_ref="oval:1:tst:96"/>
++ <criterion test_ref="oval:1:tst:97"/>
++ <criterion test_ref="oval:1:tst:98"/>
++ <criterion test_ref="oval:1:tst:99"/>
++ <criterion test_ref="oval:1:tst:100"/>
++ <criterion test_ref="oval:1:tst:101"/>
++ <criterion test_ref="oval:1:tst:102"/>
++ <criterion test_ref="oval:1:tst:103"/>
++ <criterion test_ref="oval:1:tst:104"/>
++ <criterion test_ref="oval:1:tst:105"/>
++ <criterion test_ref="oval:1:tst:106"/>
++ <criterion test_ref="oval:1:tst:107"/>
++ <criterion test_ref="oval:1:tst:108"/>
++ <criterion test_ref="oval:1:tst:109"/>
++ <criterion test_ref="oval:1:tst:110"/>
++ <criterion test_ref="oval:1:tst:111"/>
++ <criterion test_ref="oval:1:tst:112"/>
++ <criterion test_ref="oval:1:tst:113"/>
++ <criterion test_ref="oval:1:tst:114"/>
++ <criterion test_ref="oval:1:tst:115"/>
++ <criterion test_ref="oval:1:tst:116"/>
++ <criterion test_ref="oval:1:tst:117"/>
++ <criterion test_ref="oval:1:tst:118"/>
++ <criterion test_ref="oval:1:tst:119"/>
++ <criterion test_ref="oval:1:tst:120"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:2"> <!-- comment="false" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="AND">
++ <criterion test_ref="oval:1:tst:1"/>
++ <criterion test_ref="oval:1:tst:5"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:3"> <!-- comment="true" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="AND">
++ <criterion test_ref="oval:1:tst:1"/>
++ <criterion test_ref="oval:1:tst:1"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:4"> <!-- comment="false" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="AND">
++ <criterion test_ref="oval:1:tst:5"/>
++ <criterion test_ref="oval:1:tst:5"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:5"> <!-- comment="true" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="OR">
++ <criterion test_ref="oval:1:tst:1"/>
++ <criterion test_ref="oval:1:tst:5"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:6"> <!-- comment="true" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="OR">
++ <criterion test_ref="oval:1:tst:1"/>
++ <criterion test_ref="oval:1:tst:1"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:7"> <!-- comment="false" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="OR">
++ <criterion test_ref="oval:1:tst:5"/>
++ <criterion test_ref="oval:1:tst:5"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:8"> <!-- comment="true" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="XOR">
++ <criterion test_ref="oval:1:tst:1"/>
++ <criterion test_ref="oval:1:tst:5"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:9"> <!-- comment="false" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="XOR">
++ <criterion test_ref="oval:1:tst:1"/>
++ <criterion test_ref="oval:1:tst:1"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:10"> <!-- comment="false" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="XOR">
++ <criterion test_ref="oval:1:tst:5"/>
++ <criterion test_ref="oval:1:tst:5"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:11"> <!-- comment="true" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="ONE">
++ <criterion test_ref="oval:1:tst:1"/>
++ <criterion test_ref="oval:1:tst:5"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:12"> <!-- comment="false" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="ONE">
++ <criterion test_ref="oval:1:tst:1"/>
++ <criterion test_ref="oval:1:tst:1"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ <definition class="compliance" version="1" id="oval:1:def:13"> <!-- comment="false" -->
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria>
++ <criteria operator="ONE">
++ <criterion test_ref="oval:1:tst:5"/>
++ <criterion test_ref="oval:1:tst:5"/>
++ </criteria>
++ </criteria>
++ </definition>
++
++ </definitions>
++
++ <tests>
++
++ <!-- DEFAULT STATELESS OBJECT -->
++
++ <!-- check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:1" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:2" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:3" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:4" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:5" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:6" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:7" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:8" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- STATELESS OBJECT -->
++
++ <!-- check_existence="all_exist" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:9" check_existence="all_exist" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="all_exist" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:10" check_existence="all_exist" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="all_exist" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:11" check_existence="all_exist" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="all_exist" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:12" check_existence="all_exist" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:13" check_existence="at_least_one_exists" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:14" check_existence="at_least_one_exists" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:15" check_existence="at_least_one_exists" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:16" check_existence="at_least_one_exists" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:17" check_existence="any_exist" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:18" check_existence="any_exist" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:19" check_existence="any_exist" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:20" check_existence="any_exist" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:21" check_existence="none_exist" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:22" check_existence="none_exist" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:23" check_existence="none_exist" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:24" check_existence="none_exist" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:25" check_existence="only_one_exists" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:26" check_existence="only_one_exists" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:27" check_existence="only_one_exists" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:28" check_existence="only_one_exists" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="all_exist" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:29" check_existence="all_exist" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="all_exist" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:30" check_existence="all_exist" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="all_exist" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:31" check_existence="all_exist" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="all_exist" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:32" check_existence="all_exist" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:33" check_existence="at_least_one_exists" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:34" check_existence="at_least_one_exists" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:35" check_existence="at_least_one_exists" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:36" check_existence="at_least_one_exists" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:37" check_existence="any_exist" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:38" check_existence="any_exist" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:39" check_existence="any_exist" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:40" check_existence="any_exist" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:41" check_existence="none_exist" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:42" check_existence="none_exist" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:43" check_existence="none_exist" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:44" check_existence="none_exist" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:45" check_existence="only_one_exists" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:46" check_existence="only_one_exists" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:47" check_existence="only_one_exists" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:48" check_existence="only_one_exists" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:2"/>
++ </filehash58_test>
++
++ <!-- DEFAULT OBJECT WITH STATE -->
++
++ <!-- check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:49" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:50" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:51" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:52" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:53" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:54" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:55" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:56" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:57" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:58" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:59" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:60" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- OBJECT WITH STATE -->
++
++ <!-- check_existence="all_exist" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:61" check_existence="all_exist" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:62" check_existence="all_exist" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:63" check_existence="all_exist" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="all_exist" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:64" check_existence="all_exist" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:65" check_existence="all_exist" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:66" check_existence="all_exist" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="all_exist" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:67" check_existence="all_exist" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:68" check_existence="all_exist" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:69" check_existence="all_exist" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="all_exist" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:70" check_existence="all_exist" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:71" check_existence="all_exist" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:72" check_existence="all_exist" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:73" check_existence="any_exist" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:74" check_existence="any_exist" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:75" check_existence="any_exist" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:76" check_existence="any_exist" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:77" check_existence="any_exist" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:78" check_existence="any_exist" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:79" check_existence="any_exist" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:80" check_existence="any_exist" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:81" check_existence="any_exist" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="any_exist" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:82" check_existence="any_exist" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:83" check_existence="any_exist" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:84" check_existence="any_exist" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:85" check_existence="at_least_one_exists" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:86" check_existence="at_least_one_exists" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:87" check_existence="at_least_one_exists" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:88" check_existence="at_least_one_exists" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:89" check_existence="at_least_one_exists" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:90" check_existence="at_least_one_exists" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:91" check_existence="at_least_one_exists" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:92" check_existence="at_least_one_exists" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:93" check_existence="at_least_one_exists" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="at_least_one_exists" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:94" check_existence="at_least_one_exists" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:95" check_existence="at_least_one_exists" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:96" check_existence="at_least_one_exists" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:97" check_existence="none_exist" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:98" check_existence="none_exist" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:99" check_existence="none_exist" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:100" check_existence="none_exist" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:101" check_existence="none_exist" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:102" check_existence="none_exist" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:103" check_existence="none_exist" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:104" check_existence="none_exist" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:105" check_existence="none_exist" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="none_exist" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:106" check_existence="none_exist" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:107" check_existence="none_exist" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:108" check_existence="none_exist" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="all" -->
++
++ <filehash58_test version="1" id="oval:1:tst:109" check_existence="only_one_exists" check="all" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:110" check_existence="only_one_exists" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:111" check_existence="only_one_exists" check="all" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="at least one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:112" check_existence="only_one_exists" check="at least one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:113" check_existence="only_one_exists" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:114" check_existence="only_one_exists" check="at least one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="none satisfy" -->
++
++ <filehash58_test version="1" id="oval:1:tst:115" check_existence="only_one_exists" check="none satisfy" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:116" check_existence="only_one_exists" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:117" check_existence="only_one_exists" check="none satisfy" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ <!-- check_existence="only_one_exists" check="only one" -->
++
++ <filehash58_test version="1" id="oval:1:tst:118" check_existence="only_one_exists" check="only one" comment="true" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:1"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:119" check_existence="only_one_exists" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:2"/>
++ </filehash58_test>
++
++ <filehash58_test version="1" id="oval:1:tst:120" check_existence="only_one_exists" check="only one" comment="false" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <object object_ref="oval:1:obj:1"/>
++ <state state_ref="oval:1:ste:3"/>
++ </filehash58_test>
++
++ </tests>
++
++ <objects>
++
++ <!-- EXISTING OBJECT -->
++ <filehash58_object version="1" id="oval:1:obj:1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <path>/tmp</path>
++ <filename>test_probes_filehash58.tmp</filename>
++ <hash_type>SHA-512</hash_type>
++ </filehash58_object>
++
++ <!-- NON-EXISTING OBJECT -->
++ <filehash58_object version="1" id="oval:1:obj:2" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <path>/tmp</path>
++ <filename>test_probes_filehash58.invalid</filename>
++ <hash_type>SHA-512</hash_type>
++ </filehash58_object>
++
++ </objects>
++
++ <states>
++
++ <!-- FULLY TRUE STATE -->
++ <filehash58_state version="1" id="oval:1:ste:1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++
++ <filepath>/tmp/test_probes_filehash58.tmp</filepath>
++ <path>/tmp</path>
++ <filename>test_probes_filehash58.tmp</filename>
++ <hash_type>SHA-512</hash_type>
++ <hash>`sha512sum /tmp/test_probes_filehash58.tmp | awk '{print $1}'`</hash>
++ </filehash58_state>
++
++ <!-- FULLY FALSE STATE -->
++ <filehash58_state version="1" id="oval:1:ste:2" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <path>/tmp</path>
++ <filename>test_probes_filehash58.tmp</filename>
++ <hash_type>SHA-512</hash_type>
++ <hash>ce66ae981bfdcb0a5b63e296792662caf3e9c0414d1053593876f38fc1afdaffb89fdbe016a21e7357209fbaa611644307d589780cca97c04df0052bc903af22</hash>
++ </filehash58_state>
++
++ <!-- MIXED STATE -->
++ <filehash58_state version="1" id="oval:1:ste:3" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent">
++ <path>/tmp</path>
++ <filename>test_probes_filehash58.tmp</filename>
++ <hash_type var_ref="oval:1:var:1" var_check="at least one"/>
++ <hash var_ref="oval:1:var:4" var_check="at least one"/>
++ </filehash58_state>
++
++ </states>
++
++ <variables>
++ <constant_variable id="oval:1:var:1" version="1" comment="several hash algorithms in one variable" datatype="string">
++ <value>SHA-256</value>
++ <value>SHA-512</value>
++ </constant_variable>
++ <constant_variable id="oval:1:var:4" version="1" comment="several hash algorithms in one variable" datatype="string">
++ <value>`sha256sum /tmp/test_probes_filehash58.tmp | awk '{print $1}'`</value>
++ <value>0bdf537d823dfb9194c25f2a444ac38fc177fc3ed2160acf7c15e3a07ccc600a8303e2a0e8ce50659395e0ab02910404e2134997b105794a167387de45f24768</value>
++ </constant_variable>
++ </variables>
++
++
++</oval_definitions>
++EOF
+diff --git a/tests/probes/filehash58/test_probes_filehash58.xml.sh b/tests/probes/filehash58/test_probes_filehash58_old_algos.xml.sh
+similarity index 100%
+rename from tests/probes/filehash58/test_probes_filehash58.xml.sh
+rename to tests/probes/filehash58/test_probes_filehash58_old_algos.xml.sh
+
+From 02a404bd0663e9e8191af6ea89bcaff5833eaaec Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Wed, 21 Jul 2021 10:49:06 +0200
+Subject: [PATCH 3/5] Show supported crypto in oscap --version output
+
+It will allow users to discover which hash algorithms are supported
+by our probes.
+---
+ src/OVAL/probes/probe-table.c | 15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+diff --git a/src/OVAL/probes/probe-table.c b/src/OVAL/probes/probe-table.c
+index f7ca47702a..dd434ae6f2 100644
+--- a/src/OVAL/probes/probe-table.c
++++ b/src/OVAL/probes/probe-table.c
+@@ -391,6 +391,21 @@ void probe_table_list(FILE *output)
+ fprintf(output, "%-14s", oval_family_get_text(oval_subtype_get_family(type)));
+ fprintf(output, "%-29s", oval_subtype_get_text(type));
+ fprintf(output, "probe_%s", oval_subtype_get_text(type));
++#if (defined(OPENSCAP_ENABLE_MD5) && defined(OPENSCAP_ENABLE_SHA1))
++ if (type == OVAL_INDEPENDENT_FILE_HASH) {
++ fprintf(output, " (MD5, SHA-1)");
++ }
++#endif
++ if (type == OVAL_INDEPENDENT_FILE_HASH58) {
++ fprintf(output, " (");
++#ifdef OPENSCAP_ENABLE_MD5
++ fprintf(output, "MD5, ");
++#endif
++#ifdef OPENSCAP_ENABLE_SHA1
++ fprintf(output, "SHA-1, ");
++#endif
++ fprintf(output, "SHA-224, SHA-256, SHA-384, SHA-512)");
++ }
+ fprintf(output, "\n");
+ entry++;
+ }
+
+From df30597efbf7caa47e7b143dae518da01246e512 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Wed, 21 Jul 2021 14:34:16 +0200
+Subject: [PATCH 4/5] Remove unused CRAPI_DIGEST_CNT
+
+This constant isn't used anywhere. Moerover, after introducing
+preprocessor variables OPENSCAP_ENABLE_MD5 and OPENSCAP_ENABLE_SHA1
+which affect the count supported crypto algorithms this value
+could dynamically differ from 7.
+---
+ src/OVAL/probes/crapi/digest.h | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/src/OVAL/probes/crapi/digest.h b/src/OVAL/probes/crapi/digest.h
+index 3de55e4f94..0d66db1336 100644
+--- a/src/OVAL/probes/crapi/digest.h
++++ b/src/OVAL/probes/crapi/digest.h
+@@ -40,8 +40,6 @@ typedef enum {
+ CRAPI_DIGEST_SHA384 = 0x40
+ } crapi_alg_t;
+
+-#define CRAPI_DIGEST_CNT 7
+-
+ #include "md5.h"
+ #include "sha1.h"
+ #include "sha2.h"
+
+From 741bffe331b9a1b737440d4b9dce9a1775cc8345 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Wed, 21 Jul 2021 14:42:45 +0200
+Subject: [PATCH 5/5] Raise an error when using unsupported hash types
+
+The OVAL content can have a hash algorithm in `hash_type` element that
+is allowed by the OVAL specification but isn't currently supported in
+OpenSCAP. At this moment, this can happen if OpenSCAP is compiled
+without SHA-1 or MD5 support by setting OPENSCAP_ENABLE_SHA1 or
+OPENSCAP_ENABLE_MD5 to OFF. In this situation we should warn the user,
+for example show a warning and add a message element to the OVAL
+results.
+
+To do that, we need to be able to iterate over all hash types specified
+in the OVAL specification, not only over the supported ones, because we
+need to distinguish between a no match, a match of supported algorithm
+and a match of an unsupported algorithm. Therefore we need to list them
+explicitly.
+
+The CRAPI_INVALID value has been replaced by 0 because it used to be a
+-1 but a negative value can't be compared with an enum. That would cause
+a compiler warning.
+---
+ .../probes/independent/filehash58_probe.c | 109 +++++++++++-------
+ 1 file changed, 69 insertions(+), 40 deletions(-)
+
+diff --git a/src/OVAL/probes/independent/filehash58_probe.c b/src/OVAL/probes/independent/filehash58_probe.c
+index 895d8f92f4..53535d7069 100644
+--- a/src/OVAL/probes/independent/filehash58_probe.c
++++ b/src/OVAL/probes/independent/filehash58_probe.c
+@@ -54,11 +54,22 @@
+ #include "util.h"
+ #include "probe/entcmp.h"
+ #include "filehash58_probe.h"
++#include "oscap_helpers.h"
+
+ #define FILE_SEPARATOR '/'
+
+-#define CRAPI_INVALID -1
++/* List of hash types listed in OVAL specification */
++static const char *OVAL_FILEHASH58_HASH_TYPES[] = {
++ "MD5",
++ "SHA-1",
++ "SHA-224",
++ "SHA-256",
++ "SHA-384",
++ "SHA-512",
++ NULL
++};
+
++/* List of hash types supported by OpenSCAP */
+ static const struct oscap_string_map CRAPI_ALG_MAP[] = {
+ #ifdef OPENSCAP_ENABLE_MD5
+ {CRAPI_DIGEST_MD5, "MD5"},
+@@ -71,7 +82,7 @@ static const struct oscap_string_map CRAPI_ALG_MAP[] = {
+ {CRAPI_DIGEST_SHA384, "SHA-384"},
+ {CRAPI_DIGEST_SHA512, "SHA-512"},
+ /* {CRAPI_DIGEST_RMD160, "RMD-160"}, OVAL doesn't support this */
+- {CRAPI_INVALID, NULL}
++ {0, NULL}
+ };
+
+ static const struct oscap_string_map CRAPI_ALG_MAP_SIZE[] = {
+@@ -165,45 +176,64 @@ static int filehash58_cb(const char *prefix, const char *p, const char *f, const
+ probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
+ "Can't open \"%s\": errno=%d, %s.", pbuf, errno, strerror (errno));
+ probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
+- } else {
+- uint8_t hash_dst[1025];
+- size_t hash_dstlen = sizeof hash_dst;
+- char hash_str[2051];
+
+- crapi_alg_t hash_type;
++ probe_item_collect(ctx, itm);
++ return 0;
++ }
+
+- hash_type = oscap_string_to_enum(CRAPI_ALG_MAP, h);
+- hash_dstlen = oscap_string_to_enum(CRAPI_ALG_MAP_SIZE, h);
++ uint8_t hash_dst[1025];
++ size_t hash_dstlen = sizeof(hash_dst);
++ char hash_str[2051];
++ crapi_alg_t hash_type;
+
+- /*
+- * Compute hash value
+- */
+- if (crapi_mdigest_fd (fd, 1, hash_type, hash_dst, &hash_dstlen) != 0) {
+- close (fd);
+- return (-1);
+- }
++ hash_type = oscap_string_to_enum(CRAPI_ALG_MAP, h);
++ if (hash_type == 0) {
++ char *msg = oscap_sprintf("This version of OpenSCAP doesn't support the '%s' hash algorithm.", h);
++ dW(msg);
++ itm = probe_item_create (OVAL_INDEPENDENT_FILE_HASH58, NULL,
++ "filepath", OVAL_DATATYPE_STRING, pbuf,
++ "path", OVAL_DATATYPE_STRING, p,
++ "filename", OVAL_DATATYPE_STRING, f,
++ "hash_type", OVAL_DATATYPE_STRING, h,
++ NULL);
++ probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR, msg);
++ free(msg);
++ probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
++ probe_item_collect(ctx, itm);
++ close(fd);
++ return 0;
++ }
++
++ hash_dstlen = oscap_string_to_enum(CRAPI_ALG_MAP_SIZE, h);
+
++ /*
++ * Compute hash value
++ */
++ if (crapi_mdigest_fd(fd, 1, hash_type, hash_dst, &hash_dstlen) != 0) {
+ close (fd);
++ return (-1);
++ }
+
+- hash_str[0] = '\0';
+- mem2hex (hash_dst, hash_dstlen, hash_str, sizeof hash_str);
++ close (fd);
+
+- /*
+- * Create and add the item
+- */
+- itm = probe_item_create(OVAL_INDEPENDENT_FILE_HASH58, NULL,
+- "filepath", OVAL_DATATYPE_STRING, pbuf,
+- "path", OVAL_DATATYPE_STRING, p,
+- "filename", OVAL_DATATYPE_STRING, f,
+- "hash_type",OVAL_DATATYPE_STRING, h,
+- "hash", OVAL_DATATYPE_STRING, hash_str,
+- NULL);
++ hash_str[0] = '\0';
++ mem2hex(hash_dst, hash_dstlen, hash_str, sizeof(hash_str));
+
+- if (hash_dstlen == 0) {
+- probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
+- "Unable to compute %s hash value of \"%s\".", h, pbuf);
+- probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
+- }
++ /*
++ * Create and add the item
++ */
++ itm = probe_item_create(OVAL_INDEPENDENT_FILE_HASH58, NULL,
++ "filepath", OVAL_DATATYPE_STRING, pbuf,
++ "path", OVAL_DATATYPE_STRING, p,
++ "filename", OVAL_DATATYPE_STRING, f,
++ "hash_type",OVAL_DATATYPE_STRING, h,
++ "hash", OVAL_DATATYPE_STRING, hash_str,
++ NULL);
++
++ if (hash_dstlen == 0) {
++ probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
++ "Unable to compute %s hash value of \"%s\".", h, pbuf);
++ probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
+ }
+
+ probe_item_collect(ctx, itm);
+@@ -300,15 +330,14 @@ int filehash58_probe_main(probe_ctx *ctx, void *arg)
+ if ((ofts = oval_fts_open_prefixed(prefix, path, filename, filepath, behaviors, probe_ctx_getresult(ctx))) != NULL) {
+ while ((ofts_ent = oval_fts_read(ofts)) != NULL) {
+ /* find hash types to compare with entity, think "not satisfy" */
+- const struct oscap_string_map *p = CRAPI_ALG_MAP;
+- while (p->value != CRAPI_INVALID) {
+- SEXP_t *crapi_hash_type_sexp = SEXP_string_new(p->string, strlen(p->string));
+- if (probe_entobj_cmp(hash_type, crapi_hash_type_sexp) == OVAL_RESULT_TRUE) {
+- filehash58_cb(prefix, ofts_ent->path, ofts_ent->file, p->string, ctx);
++ for (int i = 0; OVAL_FILEHASH58_HASH_TYPES[i] != NULL; i++) {
++ const char *oval_filehash58_hash_type = OVAL_FILEHASH58_HASH_TYPES[i];
++ SEXP_t *oval_filehash58_hash_type_sexp = SEXP_string_new(oval_filehash58_hash_type, strlen(oval_filehash58_hash_type));
++ if (probe_entobj_cmp(hash_type, oval_filehash58_hash_type_sexp) == OVAL_RESULT_TRUE) {
++ filehash58_cb(prefix, ofts_ent->path, ofts_ent->file, oval_filehash58_hash_type, ctx);
+ }
+
+- SEXP_free(crapi_hash_type_sexp);
+- p++;
++ SEXP_free(oval_filehash58_hash_type_sexp);
+ }
+ oval_ftsent_free(ofts_ent);
+ }
diff --git a/SOURCES/openscap-1.3.6-fix-failing-test-pr-1775.patch b/SOURCES/openscap-1.3.6-fix-failing-test-pr-1775.patch
new file mode 100644
index 0000000..70f9798
--- /dev/null
+++ b/SOURCES/openscap-1.3.6-fix-failing-test-pr-1775.patch
@@ -0,0 +1,40 @@
+From 11e5d42d279f39c13a9bdea7df6da7728b85a0b5 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Tue, 29 Jun 2021 09:12:34 +0200
+Subject: [PATCH] Fix failing test
+
+The test fails becuse the OVAL content in
+`test_remediation_simple.oval.xml` used in rule
+`xccdf_moc.elpmaxe.www_rule_1` in
+`test_profile_selection_by_suffix.xccdf.xml` expects that a file named
+`test_file` exists in the current working directory.
+
+This test doesn't fail when executed as a part of complete test suite
+run. I guess that it's because some other test creates the `test_file`
+file and doesn't delete it. Unfortunately, I can't find which test
+creates it. There are many test cases that use a file `test_file`
+and it is also created often by remediation executed in some tests.
+---
+ .../API/XCCDF/unittests/test_profile_selection_by_suffix.sh | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/tests/API/XCCDF/unittests/test_profile_selection_by_suffix.sh b/tests/API/XCCDF/unittests/test_profile_selection_by_suffix.sh
+index 910264626a..9b0852df37 100755
+--- a/tests/API/XCCDF/unittests/test_profile_selection_by_suffix.sh
++++ b/tests/API/XCCDF/unittests/test_profile_selection_by_suffix.sh
+@@ -13,6 +13,9 @@ echo "Stderr file = $stderr"
+ echo "Result file = $result"
+ ret=0
+
++touch test_file
++[ -f test_file ]
++
+ # Multiple matches should result in failure
+ $OSCAP xccdf eval --profile common $benchmark 2> $stderr || ret=$?
+ [ $ret -eq 1 ]
+@@ -55,3 +58,5 @@ grep -Fq "No profile matching suffix \"another\" was found" $stderr
+
+ [ -f $stderr ]; rm $stderr
+ rm $result
++
++rm -f test_file
diff --git a/SOURCES/openscap-1.3.6-replace-getlogin-pr-1753.patch b/SOURCES/openscap-1.3.6-replace-getlogin-pr-1753.patch
new file mode 100644
index 0000000..a63f094
--- /dev/null
+++ b/SOURCES/openscap-1.3.6-replace-getlogin-pr-1753.patch
@@ -0,0 +1,36 @@
+From b31cff1bc3a298cfa36a10476f2d633c290b6741 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Tue, 11 May 2021 13:20:18 +0200
+Subject: [PATCH] Replace getlogin by cuserid
+
+The getlogin() is used here to fill in the xccdf:identity element which
+shall contain information about the system identity or user employed
+during application of the benchmark. But, the getlogin() can return NULL
+when there is no controlling terminal. This happened when testing oscap
+on a test system with no pty. As an alternative, the system provides
+also cuserid() function which gets the effective user ID of the process.
+However, these 2 values differ when the program is executed under sudo.
+From the user experience point of view, it would be better to have
+displayed there the user logged in on the controlling terminal. As a
+compromise, we will first attempt to obtain the name using getlogin()
+and if that fails we will run cuserid().
+---
+ src/XCCDF/result.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/XCCDF/result.c b/src/XCCDF/result.c
+index cd03e6bd8f..cbe016c44a 100644
+--- a/src/XCCDF/result.c
++++ b/src/XCCDF/result.c
+@@ -217,7 +217,10 @@ static inline void _xccdf_result_fill_identity(struct xccdf_result *result)
+ xccdf_identity_set_authenticated(id, 0);
+ xccdf_identity_set_privileged(id, 0);
+ #ifdef OSCAP_UNIX
+- xccdf_identity_set_name(id, getlogin());
++ char *name = getlogin();
++ if (name == NULL)
++ name = cuserid(NULL);
++ xccdf_identity_set_name(id, name);
+ #elif defined(OS_WINDOWS)
+ GetUserName((TCHAR *) w32_username, &w32_usernamesize); /* XXX: Check the return value? */
+ xccdf_identity_set_name(id, w32_username);
diff --git a/SOURCES/openscap-1.3.6-rpath-pr-1765.patch b/SOURCES/openscap-1.3.6-rpath-pr-1765.patch
new file mode 100644
index 0000000..bbd07aa
--- /dev/null
+++ b/SOURCES/openscap-1.3.6-rpath-pr-1765.patch
@@ -0,0 +1,42 @@
+From 5f8879927fa34827f1b367eac311845e6ebec9a7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Thu, 10 Jun 2021 13:41:25 +0200
+Subject: [PATCH] Do not set Rpath
+
+See: https://docs.fedoraproject.org/en-US/packaging-guidelines/#_beware_of_rpath
+
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1967200
+---
+ CMakeLists.txt | 18 ------------------
+ 1 file changed, 18 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index c70ba29bf..cc7b5e005 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -482,25 +482,7 @@ else()
+ endif()
+ set(OSCAP_TEMP_DIR "/tmp" CACHE STRING "use different temporary directory to execute sce scripts (default=/tmp)")
+
+-# ---------- RPATHS for linking
+
+-# see https://cmake.org/Wiki/CMake_RPATH_handling
+-
+-# use, i.e. don't skip the full RPATH for the build tree
+-set(CMAKE_SKIP_BUILD_RPATH FALSE)
+-
+-# when building, don't use the install RPATH already
+-# (but later on when installing)
+-set(CMAKE_BUILD_WITH_INSTALL_RPATH FALSE)
+-
+-set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR})
+-
+-# add the automatically determined parts of the RPATH
+-# which point to directories outside the build tree to the install RPATH
+-set(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE)
+-
+-# Turn on RPATH for OSX for policy warning
+-set(CMAKE_MACOSX_RPATH ON)
+ # ---------- CONFIGURATION
+
+ configure_file("config.h.in" "config.h")
diff --git a/SOURCES/openscap-1.3.6-rpminspect-xml-pr-1773.patch b/SOURCES/openscap-1.3.6-rpminspect-xml-pr-1773.patch
new file mode 100644
index 0000000..c78fa7c
--- /dev/null
+++ b/SOURCES/openscap-1.3.6-rpminspect-xml-pr-1773.patch
@@ -0,0 +1,81 @@
+From e515fc9694efb8703f6c55782094e0273c0dec9d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Fri, 25 Jun 2021 13:59:59 +0200
+Subject: [PATCH] Workaround rpminspect problem
+
+rpminspect produces this problem:
+
+xml-files:
+----------
+1) File /usr/share/openscap/xsl/oval-results-report.xsl is a malformed XML file on x86_64
+Result: VERIFY
+Waiver Authorization: Anyone
+
+Details:
+No declaration for element stylesheet
+
+Suggested Remedy: Correct the reported errors in the XML document
+
+I assume that it's caused by mixing the DTD and schema - it probably
+expects that the DTD will contain a declaration of the root element
+as well. The workaround simply expands both entities by substituting
+them by their contents.
+---
+ xsl/oval-results-report.xsl | 18 ++++++------------
+ 1 file changed, 6 insertions(+), 12 deletions(-)
+
+diff --git a/xsl/oval-results-report.xsl b/xsl/oval-results-report.xsl
+index fe50717795..744540c8f8 100644
+--- a/xsl/oval-results-report.xsl
++++ b/xsl/oval-results-report.xsl
+@@ -1,10 +1,4 @@
+ <?xml version="1.0" encoding="UTF-8"?>
+-<!DOCTYPE xsl:stylesheet [
+-<!-- check symbol -->
+-<!ENTITY resultgood "✓">
+-<!-- x symbol -->
+-<!ENTITY resultbad "✕">
+-]>
+ <!--
+
+ ****************************************************************************************
+@@ -129,7 +123,7 @@
+ <tr class="LightRow">
+ <td class="resultbadA ColorBox"/>
+ <td class="resultbadB ColorBox"/>
+- <td class="Text" title="Non-Compliant/Vulnerable/Unpatched">&resultbad;</td>
++ <td class="Text" title="Non-Compliant/Vulnerable/Unpatched">✕</td>
+ </tr>
+ </table>
+ </td>
+@@ -138,7 +132,7 @@
+ <tr class="LightRow">
+ <td class="resultgoodA ColorBox"/>
+ <td class="resultgoodB ColorBox"/>
+- <td class="Text" title="Compliant/Non-Vulnerable/Patched">&resultgood;</td>
++ <td class="Text" title="Compliant/Non-Vulnerable/Patched">✓</td>
+ </tr>
+ </table>
+ </td>
+@@ -227,8 +221,8 @@
+ <table border="1">
+ <tr class="Title">
+ <td class="TitleLabel" align="center">Systems Analyzed</td>
+- <td class="TitleLabel" align="center" title="Non-Compliant/Vulnerable/Unpatched">&resultbad;</td>
+- <td class="TitleLabel" align="center" title="Compliant/Non-Vulnerable/Patched">&resultgood;</td>
++ <td class="TitleLabel" align="center" title="Non-Compliant/Vulnerable/Unpatched">✕</td>
++ <td class="TitleLabel" align="center" title="Compliant/Non-Vulnerable/Patched">✓</td>
+ <td class="TitleLabel" align="center">Errors</td>
+ <td class="TitleLabel" align="center">Unknown</td>
+ <td class="TitleLabel" align="center" title="Inventory/Miscellaneous class, or Not Applicable/Not Evaluated result">Other</td>
+@@ -497,8 +491,8 @@
+ <xsl:template name="GeneratorResTotals">
+ <xsl:param name="resultsElm"/>
+ <tr class="DarkRow Center">
+- <td class="SmallLabel" style="width: 20%;" title="Non-Compliant/Vulnerable/Unpatched">#&resultbad;</td>
+- <td class="SmallLabel" style="width: 20%;" title="Compliant/Non-Vulnerable/Patched">#&resultgood;</td>
++ <td class="SmallLabel" style="width: 20%;" title="Non-Compliant/Vulnerable/Unpatched">#✕</td>
++ <td class="SmallLabel" style="width: 20%;" title="Compliant/Non-Vulnerable/Patched">#✓</td>
+ <td class="SmallLabel" style="width: 20%;" title="Error">#Error</td>
+ <td class="SmallLabel" style="width: 20%;" title="Unknown">#Unknown</td>
+ <td class="SmallLabel" style="width: 20%;" title="Inventory/Miscellaneous class, or Not Applicable/Not Evaluated result">#Other</td>
diff --git a/SOURCES/openscap-1.3.6-ubi9-pr-1772.patch b/SOURCES/openscap-1.3.6-ubi9-pr-1772.patch
new file mode 100644
index 0000000..85311ce
--- /dev/null
+++ b/SOURCES/openscap-1.3.6-ubi9-pr-1772.patch
@@ -0,0 +1,38 @@
+From 80543bc666d648d0251e4c7b675489b8011a548a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Fri, 25 Jun 2021 10:19:43 +0200
+Subject: [PATCH] Fix UBI 9 scan
+
+In offline mode when scanning a cointainer based on UBI 9 the
+system_info probe failed because the function `_offline_get_hname` which
+reads from `/etc/hostname` returns an empty string which causes
+`__sysinfo_saneval(hname)` check to return zero which in turn causes the
+probe returns an error. We can prevent this situation by replacing the
+empty string by `"Unknown"`, which we already do when the `hname` is
+`NULL`.
+
+Addressing:
+
+W: oscap: Can't receive message: 125, Operation canceled.
+E: oscap: Recv: retry limit (0) reached.
+OpenSCAP Error: Probe at sd=32 (system_info) reported an error: Invalid type, value or format [/home/jcerny/work/git/openscap/src/OVAL/oval_probe_ext.c:383]
+Unable to receive a message from probe [/home/jcerny/work/git/openscap/src/OVAL/oval_probe_ext.c:572]
+
+Resolves: rhbz#1953610
+---
+ src/OVAL/probes/independent/system_info_probe.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/OVAL/probes/independent/system_info_probe.c b/src/OVAL/probes/independent/system_info_probe.c
+index 9bdd73556d..8251e655ed 100644
+--- a/src/OVAL/probes/independent/system_info_probe.c
++++ b/src/OVAL/probes/independent/system_info_probe.c
+@@ -732,7 +732,7 @@ int system_info_probe_main(probe_ctx *ctx, void *arg)
+ if (!architecture)
+ architecture = strdup(unknown);
+
+- if (!hname)
++ if (!hname || *hname == '\0')
+ hname = strdup(unknown);
+
+ if (__sysinfo_saneval(os_name) < 1 ||
diff --git a/SOURCES/openscap-1.3.6-waive-hugetables-pr-1745.patch b/SOURCES/openscap-1.3.6-waive-hugetables-pr-1745.patch
new file mode 100644
index 0000000..4272a78
--- /dev/null
+++ b/SOURCES/openscap-1.3.6-waive-hugetables-pr-1745.patch
@@ -0,0 +1,43 @@
+From 192f908562779fe4c9b7e5cc7605840976a06c85 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Mon, 26 Apr 2021 13:13:26 +0200
+Subject: [PATCH] Waive the known issue with hugepages on ppc64/ppc64le
+
+The known issue has been reported in
+https://bugzilla.redhat.com/show_bug.cgi?id=1642995
+
+This modification is currently applied as a patch applied during setup
+phase of Sanity/smoke-test in Fedora CI gating.
+https://src.fedoraproject.org/tests/openscap/blob/main/f/Sanity/smoke-test
+The patched file got changed recetly so the patch doesn't apply anymore
+which causes the Rawhide gating to fail.
+We have decided to propose the change to upstream to avoid the need
+for modifying the patch in the tests and to prevent similar problems
+in the future.
+---
+ tests/probes/sysctl/test_sysctl_probe_all.sh | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/tests/probes/sysctl/test_sysctl_probe_all.sh b/tests/probes/sysctl/test_sysctl_probe_all.sh
+index 2280ff7ae..c79d7ed18 100755
+--- a/tests/probes/sysctl/test_sysctl_probe_all.sh
++++ b/tests/probes/sysctl/test_sysctl_probe_all.sh
+@@ -73,6 +73,10 @@ if [ "$procps_ver" != "$lowest_ver" ]; then
+ sed -i '/.*vm.stat_refresh/d' "$sysctlNames"
+ fi
+
++if ! grep -q "hugepages" "$ourNames"; then
++ sed -i "/^.*hugepages.*$/d" "$sysctlNames"
++fi
++
+ echo "Diff (sysctlNames / ourNames): ------"
+ diff "$sysctlNames" "$ourNames"
+ echo "-------------------------------------"
+@@ -84,6 +88,7 @@ sed -i -E "/^E: oscap: +Can't read sysctl value from /d" "$stderr"
+ # that can't fit into 8K buffer and result in errno 14
+ # (for example /proc/sys/kernel/spl/hostid could be the case)
+ sed -i -E "/^E: oscap: +An error.*14, Bad address/d" "$stderr"
++sed -i "/^.*hugepages.*$/d" "$stderr"
+
+ echo "Errors (without messages related to permissions):"
+ cat "$stderr"
diff --git a/SOURCES/openscap-1.3.6-yamlfile-null-pr-1756.patch b/SOURCES/openscap-1.3.6-yamlfile-null-pr-1756.patch
new file mode 100644
index 0000000..9489211
--- /dev/null
+++ b/SOURCES/openscap-1.3.6-yamlfile-null-pr-1756.patch
@@ -0,0 +1,150 @@
+From 89f99834ba183284a7d75835932a0c0ea4eb9007 Mon Sep 17 00:00:00 2001
+From: Evgeny Kolesnikov <ekolesni@redhat.com>
+Date: Mon, 17 May 2021 08:40:17 +0200
+Subject: [PATCH] oval/yamlfilecontent: Add 'null' values handling
+
+For now null values would be represented as string '(null)' as
+record's field could not be attributed as nil="true" yet.
+---
+ .../independent/yamlfilecontent_probe.c | 9 ++++
+ .../test_probes_yamlfilecontent_types.sh | 5 ++
+ .../test_probes_yamlfilecontent_types.xml | 52 +++++++++++++++++++
+ tests/probes/yamlfilecontent/types.yaml | 4 ++
+ 4 files changed, 70 insertions(+)
+
+diff --git a/src/OVAL/probes/independent/yamlfilecontent_probe.c b/src/OVAL/probes/independent/yamlfilecontent_probe.c
+index 62a8f4ff29..2d0cac6991 100644
+--- a/src/OVAL/probes/independent/yamlfilecontent_probe.c
++++ b/src/OVAL/probes/independent/yamlfilecontent_probe.c
+@@ -41,6 +41,7 @@
+ #define OSCAP_YAML_BOOL_TAG "tag:yaml.org,2002:bool"
+ #define OSCAP_YAML_FLOAT_TAG "tag:yaml.org,2002:float"
+ #define OSCAP_YAML_INT_TAG "tag:yaml.org,2002:int"
++#define OSCAP_YAML_NULL_TAG "tag:yaml.org,2002:null"
+
+ #define OVECCOUNT 30 /* should be a multiple of 3 */
+
+@@ -135,6 +136,14 @@ static SEXP_t *yaml_scalar_event_to_sexp(yaml_event_t *event)
+ return NULL;
+ }
+ }
++ if (question || !strcmp(tag, OSCAP_YAML_NULL_TAG)) {
++ if (match_regex("^(null|Null|NULL|~|)$", value)) {
++ // TODO: Return real NULL when record's field will support nil="true"
++ return SEXP_string_new("(null)", strlen("(null)"));
++ } else if (!question) {
++ return NULL;
++ }
++ }
+
+ return SEXP_string_new(value, strlen(value));
+ }
+diff --git a/tests/probes/yamlfilecontent/test_probes_yamlfilecontent_types.sh b/tests/probes/yamlfilecontent/test_probes_yamlfilecontent_types.sh
+index 4f110f6eb7..e445771d03 100755
+--- a/tests/probes/yamlfilecontent/test_probes_yamlfilecontent_types.sh
++++ b/tests/probes/yamlfilecontent/test_probes_yamlfilecontent_types.sh
+@@ -60,6 +60,11 @@ function test_probes_yamlfilecontent_types {
+ assert_exists 1 $sd'/ind-sys:yamlfilecontent_item/ind-sys:value/field[@name="#" and @datatype!="boolean" and text()="true"]'
+ # string_number
+ assert_exists 1 $sd'/ind-sys:yamlfilecontent_item/ind-sys:value/field[@name="#" and @datatype!="int" and text()="81"]'
++ # string_null
++ assert_exists 1 $sd'/ind-sys:yamlfilecontent_item/ind-sys:value/field[@name="#" and text()="null"]'
++
++ # null_1_2_3
++ assert_exists 3 $sd'/ind-sys:yamlfilecontent_item/ind-sys:value/field[@name="#" and text()="(null)"]'
+
+ # bool_error_cast, int_error_cast, float_error_cast
+ co='/oval_results/results/system/oval_system_characteristics/collected_objects'
+diff --git a/tests/probes/yamlfilecontent/test_probes_yamlfilecontent_types.xml b/tests/probes/yamlfilecontent/test_probes_yamlfilecontent_types.xml
+index adf96571b8..503ec2d4a4 100644
+--- a/tests/probes/yamlfilecontent/test_probes_yamlfilecontent_types.xml
++++ b/tests/probes/yamlfilecontent/test_probes_yamlfilecontent_types.xml
+@@ -262,6 +262,19 @@
+ </criteria>
+ </definition>
+
++ <definition class="compliance" version="1" id="oval:0:def:26">
++ <metadata>
++ <title></title>
++ <description></description>
++ </metadata>
++ <criteria operator="AND">
++ <criterion comment="comment" test_ref="oval:0:tst:26"/>
++ <criterion comment="comment" test_ref="oval:0:tst:27"/>
++ <criterion comment="comment" test_ref="oval:0:tst:28"/>
++ <criterion comment="comment" test_ref="oval:0:tst:29"/>
++ </criteria>
++ </definition>
++
+ </definitions>
+
+ <tests>
+@@ -364,6 +377,21 @@
+ <ind-def:object object_ref="oval:0:obj:25"/>
+ </ind-def:yamlfilecontent_test>
+
++ <ind-def:yamlfilecontent_test version="1" id="oval:0:tst:26" check="all" comment="true">
++ <ind-def:object object_ref="oval:0:obj:26"/>
++ </ind-def:yamlfilecontent_test>
++
++ <ind-def:yamlfilecontent_test version="1" id="oval:0:tst:27" check="all" comment="true">
++ <ind-def:object object_ref="oval:0:obj:27"/>
++ </ind-def:yamlfilecontent_test>
++
++ <ind-def:yamlfilecontent_test version="1" id="oval:0:tst:28" check="all" comment="true">
++ <ind-def:object object_ref="oval:0:obj:28"/>
++ </ind-def:yamlfilecontent_test>
++
++ <ind-def:yamlfilecontent_test version="1" id="oval:0:tst:29" check="all" comment="true">
++ <ind-def:object object_ref="oval:0:obj:29"/>
++ </ind-def:yamlfilecontent_test>
+ </tests>
+
+ <objects>
+@@ -517,6 +545,30 @@
+ <ind-def:filename>types.yaml</ind-def:filename>
+ <ind-def:yamlpath>.float_error_cast</ind-def:yamlpath>
+ </ind-def:yamlfilecontent_object>
++
++ <ind-def:yamlfilecontent_object version="1" id="oval:0:obj:26">
++ <ind-def:path>/tmp</ind-def:path>
++ <ind-def:filename>types.yaml</ind-def:filename>
++ <ind-def:yamlpath>.null_1</ind-def:yamlpath>
++ </ind-def:yamlfilecontent_object>
++
++ <ind-def:yamlfilecontent_object version="1" id="oval:0:obj:27">
++ <ind-def:path>/tmp</ind-def:path>
++ <ind-def:filename>types.yaml</ind-def:filename>
++ <ind-def:yamlpath>.null_2</ind-def:yamlpath>
++ </ind-def:yamlfilecontent_object>
++
++ <ind-def:yamlfilecontent_object version="1" id="oval:0:obj:28">
++ <ind-def:path>/tmp</ind-def:path>
++ <ind-def:filename>types.yaml</ind-def:filename>
++ <ind-def:yamlpath>.null_3</ind-def:yamlpath>
++ </ind-def:yamlfilecontent_object>
++
++ <ind-def:yamlfilecontent_object version="1" id="oval:0:obj:29">
++ <ind-def:path>/tmp</ind-def:path>
++ <ind-def:filename>types.yaml</ind-def:filename>
++ <ind-def:yamlpath>.string_null</ind-def:yamlpath>
++ </ind-def:yamlfilecontent_object>
+ </objects>
+
+ </oval_definitions>
+diff --git a/tests/probes/yamlfilecontent/types.yaml b/tests/probes/yamlfilecontent/types.yaml
+index f05fa3a967..fb26eab5f0 100644
+--- a/tests/probes/yamlfilecontent/types.yaml
++++ b/tests/probes/yamlfilecontent/types.yaml
+@@ -19,7 +19,11 @@ bool_false_cast: !!bool "false"
+ int_cast: !!int "369"
+ float_cast: !!float "978.65"
+ string_true: "true"
++string_null: "null"
+ string_number: "81"
+ bool_error_cast: !!bool "falsee"
+ int_error_cast: !!int "50%"
+ float_error_cast: !!float "58.41$"
++null_1: null
++null_2:
++null_3: !!null "null"
diff --git a/SPECS/openscap.spec b/SPECS/openscap.spec
new file mode 100644
index 0000000..105f6ac
--- /dev/null
+++ b/SPECS/openscap.spec
@@ -0,0 +1,734 @@
+Name: openscap
+Version: 1.3.5
+Release: 8%{?dist}
+Epoch: 1
+Summary: Set of open source libraries enabling integration of the SCAP line of standards
+License: LGPLv2+
+URL: http://www.open-scap.org/
+Source0: https://github.com/OpenSCAP/%{name}/releases/download/%{version}/%{name}-%{version}.tar.gz
+Patch1: openscap-1.3.6-waive-hugetables-pr-1745.patch
+Patch2: openscap-1.3.6-replace-getlogin-pr-1753.patch
+Patch3: openscap-1.3.6-rpath-pr-1765.patch
+Patch4: openscap-1.3.6-ubi9-pr-1772.patch
+Patch5: openscap-1.3.6-rpminspect-xml-pr-1773.patch
+Patch6: openscap-1.3.6-fix-failing-test-pr-1775.patch
+Patch7: openscap-1.3.6-yamlfile-null-pr-1756.patch
+Patch8: openscap-1.3.6-coverity-issues-pr-1748.patch
+Patch9: openscap-1.3.6-coverity-issues-pr-1778.patch
+Patch10: openscap-1.3.6-disable-sha1-md5-pr-1781.patch
+BuildRequires: make
+BuildRequires: cmake >= 2.6
+BuildRequires: gcc
+BuildRequires: gcc-c++
+BuildRequires: swig libxml2-devel libxslt-devel perl-generators perl-XML-Parser
+BuildRequires: rpm-devel
+BuildRequires: libgcrypt-devel
+BuildRequires: pcre-devel
+BuildRequires: libacl-devel
+BuildRequires: libselinux-devel
+BuildRequires: libcap-devel
+BuildRequires: libblkid-devel
+BuildRequires: bzip2-devel
+BuildRequires: asciidoc
+BuildRequires: openldap-devel
+BuildRequires: glib2-devel
+BuildRequires: dbus-devel
+BuildRequires: libyaml-devel
+BuildRequires: xmlsec1-devel xmlsec1-openssl-devel
+%if %{?_with_check:1}%{!?_with_check:0}
+BuildRequires: perl-XML-XPath
+BuildRequires: bzip2
+%endif
+Requires: bash
+Requires: bzip2-libs
+Requires: dbus
+Requires: libyaml
+Requires: glib2
+Requires: libacl
+Requires: libblkid
+Requires: libcap
+Requires: libselinux
+Requires: openldap
+Requires: popt
+# We have procps-ng, which provides procps
+Requires: procps
+Requires: xmlsec1 xmlsec1-openssl
+
+%description
+OpenSCAP is a set of open source libraries providing an easier path
+for integration of the SCAP line of standards. SCAP is a line of standards
+managed by NIST with the goal of providing a standard language
+for the expression of Computer Network Defense related information.
+
+%package devel
+Summary: Development files for %{name}
+Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
+Requires: libxml2-devel
+Requires: pkgconfig
+BuildRequires: doxygen
+
+%description devel
+The %{name}-devel package contains libraries and header files for
+developing applications that use %{name}.
+
+%package python3
+Summary: Python 3 bindings for %{name}
+Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
+BuildRequires: python3-devel
+
+%description python3
+The %{name}-python3 package contains the bindings so that %{name}
+libraries can be used by python3.
+
+%package scanner
+Summary: OpenSCAP Scanner Tool (oscap)
+Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
+Requires: libcurl >= 7.12.0
+BuildRequires: libcurl-devel >= 7.12.0
+
+%description scanner
+The %{name}-scanner package contains oscap command-line tool. The oscap
+is configuration and vulnerability scanner, capable of performing
+compliance checking using SCAP content.
+
+%package utils
+Summary: OpenSCAP Utilities
+Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
+Requires: rpmdevtools rpm-build
+Requires: %{name}-scanner%{?_isa} = %{epoch}:%{version}-%{release}
+Requires: bash
+
+%description utils
+The %{name}-utils package contains command-line tools build on top
+of OpenSCAP library. Historically, openscap-utils included oscap
+tool which is now separated to %{name}-scanner sub-package.
+
+%package engine-sce
+Summary: Script Check Engine plug-in for OpenSCAP
+Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
+
+%description engine-sce
+The Script Check Engine is non-standard extension to SCAP protocol. This
+engine allows content authors to avoid OVAL language and write their assessment
+commands using a scripting language (Bash, Perl, Python, Ruby, ...).
+
+%package engine-sce-devel
+Summary: Development files for %{name}-engine-sce
+Requires: %{name}-devel%{?_isa} = %{epoch}:%{version}-%{release}
+Requires: %{name}-engine-sce%{?_isa} = %{epoch}:%{version}-%{release}
+Requires: pkgconfig
+
+%description engine-sce-devel
+The %{name}-engine-sce-devel package contains libraries and header files
+for developing applications that use %{name}-engine-sce.
+
+%prep
+%autosetup -p1
+
+%build
+# gconf is a legacy system not used any more, and it blocks testing of oscap-anaconda-addon
+# as gconf is no longer part of the installation medium
+%cmake \
+ -DENABLE_DOCS=ON \
+ -DENABLE_PERL=OFF \
+ -DENABLE_OSCAP_UTIL_DOCKER=OFF \
+ -DOPENSCAP_PROBE_UNIX_GCONF=OFF \
+ -DOPENSCAP_ENABLE_SHA1=OFF \
+ -DOPENSCAP_ENABLE_MD5=OFF \
+ -DGCONF_LIBRARY=
+%cmake_build
+make docs
+
+%check
+%if %{?_with_check:1}%{!?_with_check:0}
+ctest -V %{?_smp_mflags}
+%endif
+
+%install
+%cmake_install
+
+find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
+
+# fix python shebangs
+pathfix.py -i %{__python3} -p -n $RPM_BUILD_ROOT%{_bindir}/scap-as-rpm
+
+%ldconfig_scriptlets
+
+%files
+%doc AUTHORS NEWS README.md
+%license COPYING
+%doc %{_pkgdocdir}/manual/
+%dir %{_datadir}/openscap
+%dir %{_datadir}/openscap/schemas
+%dir %{_datadir}/openscap/xsl
+%dir %{_datadir}/openscap/cpe
+%{_libdir}/libopenscap.so.*
+%{_datadir}/openscap/schemas/*
+%{_datadir}/openscap/xsl/*
+%{_datadir}/openscap/cpe/*
+
+%files python3
+%{python3_sitearch}/*
+
+%files devel
+%doc %{_pkgdocdir}/html/
+%{_libdir}/libopenscap.so
+%{_libdir}/pkgconfig/*.pc
+%{_includedir}/openscap
+%exclude %{_includedir}/openscap/sce_engine_api.h
+
+%files engine-sce-devel
+%{_libdir}/libopenscap_sce.so
+%{_includedir}/openscap/sce_engine_api.h
+
+%files scanner
+%{_mandir}/man8/oscap.8.gz
+%{_bindir}/oscap
+%{_mandir}/man8/oscap-chroot.8.gz
+%{_bindir}/oscap-chroot
+%{_sysconfdir}/bash_completion.d
+
+%files utils
+%doc docs/oscap-scan.cron
+%{_mandir}/man8/oscap-ssh.8.gz
+%{_bindir}/oscap-ssh
+%{_mandir}/man8/oscap-podman.8.gz
+%{_bindir}/oscap-podman
+%{_mandir}/man8/oscap-vm.8.gz
+%{_bindir}/oscap-vm
+%{_mandir}/man8/scap-as-rpm.8.gz
+%{_bindir}/scap-as-rpm
+%{_mandir}/man8/autotailor.8.gz
+%{_bindir}/autotailor
+
+%files engine-sce
+%{_libdir}/libopenscap_sce.so.*
+%{_bindir}/oscap-run-sce-script
+
+%changelog
+* Fri Aug 27 2021 Jan Černý <jcerny@redhat.com> - 1:1.3.5-8
+- Revert Epoch removal
+
+* Tue Aug 24 2021 Evgenii Kolesnikov <ekolesni@redhat.com> - 1:1.3.5-7
+- Update package spec file
+
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:1.3.5-6
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+ Related: rhbz#1991688
+
+* Thu Jul 22 2021 Jan Černý <jcerny@redhat.com> - 1:1.3.5-5
+- Remove support for SHA-1 and MD5 (rhbz#1936619)
+- Fix coverity findings (rhbz#1938830)
+
+* Tue Jun 29 2021 Jan Černý <jcerny@redhat.com> - 1:1.3.5-4
+- Fix failing test tests/API/XCCDF/unittests/test_profile_selection_by_suffix.sh
+- Add 'null' yamlfilecontent values handling
+
+* Mon Jun 28 2021 Jan Černý <jcerny@redhat.com> - 1:1.3.5-3
+- Do not set RPATH on built binaries
+- Fix UBI9 scan (rhbz#1953610)
+- Fix failing rpminspect xml test
+
+* Thu May 20 2021 Jan Černý <jcerny@redhat.com> - 1:1.3.5-2
+- Remove containers subpackage
+
+* Fri Apr 23 2021 Jan Černý <jcerny@redhat.com> - 1:1.3.5-1
+- Update to the latest upstream release
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1:1.3.4-4
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Wed Dec 09 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.4-3
+- Remove dependency on GConf2
+- Update cmake command
+
+* Tue Nov 03 2020 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.4-2
+- Fix problems uncovered by the Coverity Scan
+- Fix field names handling in yamlfilecontent probe
+
+* Wed Oct 07 2020 Evgenii Kolesnikov <ekolesni@redhat.com> - 1:1.3.4-1
+- Upgrade to the latest upstream release
+
+* Thu Aug 27 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.3-6
+- Disabled the gconf probe, and removed the gconf dependency.
+ gconf is a legacy system not used any more, and it blocks testing of oscap-anaconda-addon
+ as gconf is no longer part of the installation medium for Fedora 32
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.3-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 1:1.3.3-4
+- Update spec file to use new cmake macros
+- https://fedoraproject.org/wiki/Changes/CMake_to_do_out-of-source_builds
+
+* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 1:1.3.3-3
+- Rebuilt for Python 3.9
+
+* Mon May 04 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.3-2
+- Add libyaml-devel as a dependency to enable yamlfilecontent probe
+
+* Thu Apr 30 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.3-1
+- Upgrade to the latest upstream release
+
+* Thu Apr 09 2020 Matěj Týč <matyc@redhat.com> - 1:1.3.2-5
+- Made the spec file requirements section copy-paste of the RHEL8 section.
+- Cleaned the spec file up from ancient obsoletes.
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Mon Jan 27 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.2-3
+- Fix duplicate global variables (RHBZ#1793914)
+
+* Wed Jan 15 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.2-2
+- Do not use C++ keyword operator as a function parameter name
+
+* Tue Jan 14 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.2-1
+- Upgrade to the latest upstream release
+
+* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 1:1.3.1-4
+- Rebuilt for Python 3.8.0rc1 (#1748018)
+
+* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 1:1.3.1-3
+- Rebuilt for Python 3.8
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu Jun 13 2019 Jan Černý <jcerny@redhat.com> - 1:1.3.1-1
+- upgrade to the latest upstream release
+
+* Mon Jun 10 22:13:21 CET 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1:1.3.0-7
+- Rebuild for RPM 4.15
+
+* Mon Jun 10 15:42:04 CET 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1:1.3.0-6
+- Rebuild for RPM 4.15
+
+* Sat Jun 01 2019 Jitka Plesnikova <jplesnik@redhat.com> - 1:1.3.0-5
+- Perl 5.30 rebuild
+
+* Mon May 20 2019 Jan Černý <jcerny@redhat.com> - 1.3.0-4
+- Upgrade the Epoch to align with F30
+
+* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Fri Oct 19 2018 Matěj Týč <matyc@redhat.com> - 1.3.0-2
+- Removed the openscap-perl package to be on par with RHEL.
+
+* Tue Oct 09 2018 Jan Černý <jcerny@redhat.com> - 1.3.0-1
+- upgrade to the latest upstream release
+
+* Mon Sep 10 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha2-2
+- List subpackages removed in 1.3.0_alpha1-1 as obsoleted (RHBZ#1626801)
+
+* Mon Aug 13 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha2-1
+- upgrade to the latest upstream release
+
+* Wed Jul 25 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha1-2
+- removed python2-openscap subpackage
+
+* Wed Jul 18 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha1-1
+- upgrade to the latest upstream release
+- change specfile to use CMake
+- dropped commands in the spec file that are no longer relevant
+- dropped subpackages in the spec file that are no longer relevant
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.17-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Jul 03 2018 Petr Pisar <ppisar@redhat.com> - 1.2.17-4
+- Perl 5.28 rebuild
+
+* Fri Jun 29 2018 Jitka Plesnikova <jplesnik@redhat.com> - 1.2.17-3
+- Perl 5.28 rebuild
+
+* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 1.2.17-2
+- Rebuilt for Python 3.7
+
+* Tue May 29 2018 Jan Černý <jcerny@redhat.com> - 1.2.17-1
+- upgrade to the latest upstream release
+
+* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.16-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Fri Jan 12 2018 Iryna Shcherbina <ishcherb@redhat.com> - 1.2.16-2
+- Update Python 2 dependency declarations to new packaging standards
+ (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
+
+* Tue Nov 14 2017 jcerny@redhat.com - 1.2.16-1
+- upgrade to the latest upstream release
+
+* Thu Oct 05 2017 Martin Preisler <mpreisle@redhat.com> - 1.2.15-2
+- moved oscap-chroot to openscap-scanner because it's a thin wrapper script with no dependencies
+
+* Fri Aug 25 2017 Jan Černý <jcerny@redhat.com> - 1.2.15-1
+- upgrade to the latest upstream release
+
+* Sun Aug 20 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.2.14-9
+- Add Provides for the old name without %%_isa
+
+* Sat Aug 19 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.2.14-8
+- Python 2 binary package renamed to python2-openscap
+ See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
+
+* Fri Aug 11 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.2.14-7
+- Rebuilt after RPM update (№ 3)
+
+* Thu Aug 10 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.2.14-6
+- Rebuilt for RPM soname bump
+
+* Thu Aug 10 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.2.14-5
+- Rebuilt for RPM soname bump
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.14-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.14-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Sun Jun 04 2017 Jitka Plesnikova <jplesnik@redhat.com> - 1.2.14-2
+- Perl 5.26 rebuild
+
+* Tue Mar 21 2017 Martin Preisler <mpreisle@redhat.com> - 1.2.14-1
+- upgrade to the latest upstream release
+
+* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.13-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Thu Jan 05 2017 Martin Preisler <mpreisle@redhat.com> - 1.2.13-1
+- upgrade to the latest upstream release
+
+* Mon Dec 19 2016 Miro Hrončok <mhroncok@redhat.com> - 1.2.12-2
+- Rebuild for Python 3.6
+
+* Tue Nov 22 2016 Martin Preisler <mpreisle@redhat.com> - 1.2.12-1
+- upgrade to the latest upstream release
+
+* Wed Oct 19 2016 Martin Preisler <mpreisle@redhat.com> - 1.2.11-1
+- upgrade to the latest upstream release
+
+* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.10-2
+- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
+
+* Tue Jul 12 2016 Martin Preisler <mpreisle@redhat.com> - 1.2.10-1
+- upgrade to the latest upstream release
+
+* Tue May 17 2016 Jitka Plesnikova <jplesnik@redhat.com> - 1.2.9-2
+- Perl 5.24 rebuild
+
+* Fri Apr 22 2016 Martin Preisler <mpreisle@redhat.com> - 1.2.9-1
+- upgrade to the latest upstream release
+
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.8-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Mon Jan 18 2016 Šimon Lukašík <slukasik@redhat.com> - 1.2.8-1
+- upgrade to the latest upstream release
+
+* Thu Dec 03 2015 Šimon Lukašík <slukasik@redhat.com> - 1.2.7-1
+- upgrade to the latest upstream release
+
+* Tue Nov 10 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.6-4
+- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5
+
+* Tue Oct 13 2015 Zbyněk Moravec <zmoravec@redhat.com> - 1.2.6-3
+- fix oscap-docker shebang
+
+* Wed Oct 07 2015 Šimon Lukašík <slukasik@redhat.com> - 1.2.6-2
+- put oscap-docker to openscap-containers subpackage
+- do not require atomic at all
+
+* Mon Oct 05 2015 Zbyněk Moravec <zmoravec@redhat.com> - 1.2.6-1
+- upgrade to the latest upstream release
+
+* Wed Jul 29 2015 Martin Preisler <mpreisle@redhat.com> - 1.2.5-2
+- rebuilt because of librpm and librpmio ABI break
+
+* Mon Jul 06 2015 Šimon Lukašík <slukasik@redhat.com> - 1.2.5-1
+- upgrade to the latest upstream release
+
+* Sat Jun 20 2015 Šimon Lukašík <slukasik@redhat.com> - 1.2.4-1
+- upgrade to the latest upstream release.
+- Content of selinux package has been purged.
+
+* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Sat Jun 06 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.2.3-2
+- Perl 5.22 rebuild
+
+* Fri May 01 2015 Šimon Lukašík <slukasik@redhat.com> - 1.2.3-1
+- upgrade to the latest upstream release
+
+* Thu Apr 02 2015 Šimon Lukašík <slukasik@redhat.com> - 1.2.2-1
+- upgrade to the latest upstream release
+
+* Sat Jan 10 2015 Šimon Lukašík <slukasik@redhat.com> - 1.2.1-1
+- upgrade to the latest upstream release
+
+* Tue Dec 02 2014 Šimon Lukašík <slukasik@redhat.com> - 1.2.0-1
+- upgrade to the latest upstream release
+
+* Fri Sep 26 2014 Šimon Lukašík <slukasik@redhat.com> - 1.1.1-1
+- upgrade to the latest upstream release
+
+* Fri Sep 05 2014 Jitka Plesnikova <jplesnik@redhat.com> - 1.1.0-2
+- Perl 5.20 rebuild
+
+* Wed Sep 03 2014 Šimon Lukašík <slukasik@redhat.com> - 1.1.0-1
+- upgrade
+
+* Thu Aug 28 2014 Jitka Plesnikova <jplesnik@redhat.com> - 1.0.9-4
+- Perl 5.20 rebuild
+
+* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.9-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Tue Jul 01 2014 Šimon Lukašík <slukasik@redhat.com> - 1.0.9-2
+- Extract oscap tool to a separate package (rhbz#1115116)
+
+* Wed Jun 25 2014 Martin Preisler <mpreisle@redhat.com> - 1.0.9-1
+- upgrade
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.8-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Wed Mar 26 2014 Šimon Lukašík <slukasik@redhat.com> - 1.0.8-1
+- upgrade
+
+* Thu Mar 20 2014 Šimon Lukašík <slukasik@redhat.com> - 1.0.7-1
+- upgrade
+
+* Wed Mar 19 2014 Šimon Lukašík <slukasik@redhat.com> - 1.0.6-1
+- upgrade
+
+* Fri Mar 14 2014 Šimon Lukašík <slukasik@redhat.com> - 1.0.5-1
+- upgrade
+
+* Thu Feb 13 2014 Šimon Lukašík <slukasik@redhat.com> - 1.0.4-1
+- upgrade
+
+* Tue Jan 14 2014 Šimon Lukašík <slukasik@redhat.com> - 1.0.3-1
+- upgrade
+- This upstream release addresses: #1052142
+
+* Fri Jan 10 2014 Šimon Lukašík <slukasik@redhat.com> - 1.0.2-1
+- upgrade
+- This upstream release addresses: #1018291, #1029879, #1026833
+
+* Thu Nov 28 2013 Šimon Lukašík <slukasik@redhat.com> - 1.0.1-1
+- upgrade
+
+* Tue Nov 26 2013 Šimon Lukašík <slukasik@redhat.com> - 1.0.0-3
+- expand LT_CURRENT_MINUS_AGE correctly
+
+* Thu Nov 21 2013 Šimon Lukašík <slukasik@redhat.com> - 1.0.0-2
+- dlopen libopenscap_sce.so.{current-age} explicitly
+ That allows for SCE to work without openscap-engine-sce-devel
+
+* Tue Nov 19 2013 Šimon Lukašík <slukasik@redhat.com> - 1.0.0-1
+- upgrade
+- package openscap-engine-sce-devel separately
+
+* Fri Nov 15 2013 Šimon Lukašík <slukasik@redhat.com> - 0.9.13-7
+- do not obsolete openscap-conten just drop it (#1028706)
+ scap-security-guide will bring the Obsoletes tag
+
+* Thu Nov 14 2013 Šimon Lukašík <slukasik@redhat.com> - 0.9.13-6
+- only non-noarch packages should be requiring specific architecture
+
+* Sat Nov 09 2013 Šimon Lukašík <slukasik@redhat.com> 0.9.13-5
+- specify architecture when requiring base package
+
+* Fri Nov 08 2013 Šimon Lukašík <slukasik@redhat.com> 0.9.13-4
+- specify dependency between engine and devel sub-package
+
+* Fri Nov 08 2013 Šimon Lukašík <slukasik@redhat.com> 0.9.13-3
+- correct openscap-utils dependencies
+
+* Fri Nov 08 2013 Šimon Lukašík <slukasik@redhat.com> 0.9.13-2
+- drop openscap-content package (use scap-security-guide instead)
+
+* Fri Nov 08 2013 Šimon Lukašík <slukasik@redhat.com> 0.9.13-1
+- upgrade
+
+* Thu Sep 26 2013 Šimon Lukašík <slukasik@redhat.com> 0.9.12-2
+- Start building SQL probes for Fedora
+
+* Wed Sep 11 2013 Šimon Lukašík <slukasik@redhat.com> 0.9.12-1
+- upgrade
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.11-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Thu Jul 18 2013 Petr Lautrbach <plautrba@redhat.com> 0.9.11-1
+- upgrade
+
+* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 0.9.10-2
+- Perl 5.18 rebuild
+
+* Mon Jul 15 2013 Petr Lautrbach <plautrba@redhat.com> 0.9.10-1
+- upgrade
+
+* Mon Jun 17 2013 Petr Lautrbach <plautrba@redhat.com> 0.9.8-1
+- upgrade
+
+* Fri Apr 26 2013 Petr Lautrbach <plautrba@redhat.com> 0.9.7-1
+- upgrade
+- add openscap-selinux sub-package
+
+* Wed Apr 24 2013 Petr Lautrbach <plautrba@redhat.com> 0.9.6-1
+- upgrade
+
+* Wed Mar 20 2013 Petr Lautrbach <plautrba@redhat.com> 0.9.5-1
+- upgrade
+
+* Mon Mar 04 2013 Petr Lautrbach <plautrba@redhat.com> 0.9.4.1-1
+- upgrade
+
+* Tue Feb 26 2013 Petr Lautrbach <plautrba@redhat.com> 0.9.4-1
+- upgrade
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Mon Dec 17 2012 Petr Lautrbach <plautrba@redhat.com> 0.9.3-1
+- upgrade
+
+* Wed Nov 21 2012 Petr Lautrbach <plautrba@redhat.com> 0.9.2-1
+- upgrade
+
+* Mon Oct 22 2012 Petr Lautrbach <plautrba@redhat.com> 0.9.1-1
+- upgrade
+
+* Tue Sep 25 2012 Peter Vrabec <pvrabec@redhat.com> 0.9.0-1
+- upgrade
+
+* Mon Aug 27 2012 Petr Lautrbach <plautrba@redhat.com> 0.8.5-1
+- upgrade
+
+* Tue Aug 07 2012 Petr Lautrbach <plautrba@redhat.com> 0.8.4-1
+- upgrade
+
+* Tue Jul 31 2012 Petr Lautrbach <plautrba@redhat.com> 0.8.3-2
+- fix Profile and @hidden issue
+
+* Mon Jul 30 2012 Petr Lautrbach <plautrba@redhat.com> 0.8.3-1
+- upgrade
+
+* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Jun 08 2012 Petr Pisar <ppisar@redhat.com> - 0.8.2-2
+- Perl 5.16 rebuild
+
+* Fri Mar 30 2012 Petr Lautrbach <plautrba@redhat.com> 0.8.2-1
+- upgrade
+
+* Tue Feb 21 2012 Peter Vrabec <pvrabec@redhat.com> 0.8.1-1
+- upgrade
+
+* Fri Feb 10 2012 Petr Pisar <ppisar@redhat.com> - 0.8.0-3
+- Rebuild against PCRE 8.30
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue Oct 11 2011 Peter Vrabec <pvrabec@redhat.com> 0.8.0-1
+- upgrade
+
+* Mon Jul 25 2011 Peter Vrabec <pvrabec@redhat.com> 0.7.4-1
+- upgrade
+
+* Thu Jul 21 2011 Petr Sabata <contyk@redhat.com> - 0.7.3-3
+- Perl mass rebuild
+
+* Wed Jul 20 2011 Petr Sabata <contyk@redhat.com> - 0.7.3-2
+- Perl mass rebuild
+
+* Fri Jun 24 2011 Peter Vrabec <pvrabec@redhat.com> 0.7.3-1
+- upgrade
+
+* Fri Jun 17 2011 Marcela Mašláňová <mmaslano@redhat.com> - 0.7.2-3
+- Perl mass rebuild
+
+* Fri Jun 10 2011 Marcela Mašláňová <mmaslano@redhat.com> - 0.7.2-2
+- Perl 5.14 mass rebuild
+
+* Wed Apr 20 2011 Peter Vrabec <pvrabec@redhat.com> 0.7.2-1
+- upgrade
+
+* Fri Mar 11 2011 Peter Vrabec <pvrabec@redhat.com> 0.7.1-1
+- upgrade
+
+* Thu Feb 10 2011 Peter Vrabec <pvrabec@redhat.com> 0.7.0-1
+- upgrade
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.8-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Mon Jan 31 2011 Peter Vrabec <pvrabec@redhat.com> 0.6.8-1
+- upgrade
+
+* Fri Jan 14 2011 Peter Vrabec <pvrabec@redhat.com> 0.6.7-1
+- upgrade
+
+* Wed Oct 20 2010 Peter Vrabec <pvrabec@redhat.com> 0.6.4-1
+- upgrade
+
+* Tue Sep 14 2010 Peter Vrabec <pvrabec@redhat.com> 0.6.3-1
+- upgrade
+
+* Fri Aug 27 2010 Peter Vrabec <pvrabec@redhat.com> 0.6.2-1
+- upgrade
+
+* Wed Jul 14 2010 Peter Vrabec <pvrabec@redhat.com> 0.6.0-1
+- upgrade
+
+* Wed May 26 2010 Peter Vrabec <pvrabec@redhat.com> 0.5.11-1
+- upgrade
+
+* Fri May 07 2010 Peter Vrabec <pvrabec@redhat.com> 0.5.10-1
+- upgrade
+
+* Fri Apr 16 2010 Peter Vrabec <pvrabec@redhat.com> 0.5.9-1
+- upgrade
+
+* Fri Feb 26 2010 Peter Vrabec <pvrabec@redhat.com> 0.5.7-1
+- upgrade
+- new utils package
+
+* Mon Jan 04 2010 Peter Vrabec <pvrabec@redhat.com> 0.5.6-1
+- upgrade
+
+* Tue Sep 29 2009 Peter Vrabec <pvrabec@redhat.com> 0.5.3-1
+- upgrade
+
+* Wed Aug 19 2009 Peter Vrabec <pvrabec@redhat.com> 0.5.2-1
+- upgrade
+
+* Mon Aug 03 2009 Peter Vrabec <pvrabec@redhat.com> 0.5.1-2
+- add rpm-devel requirement
+
+* Mon Aug 03 2009 Peter Vrabec <pvrabec@redhat.com> 0.5.1-1
+- upgrade
+
+* Thu Apr 30 2009 Peter Vrabec <pvrabec@redhat.com> 0.3.3-1
+- upgrade
+
+* Thu Apr 23 2009 Peter Vrabec <pvrabec@redhat.com> 0.3.2-1
+- upgrade
+
+* Sun Mar 29 2009 Peter Vrabec <pvrabec@redhat.com> 0.1.4-1
+- upgrade
+
+* Fri Mar 27 2009 Peter Vrabec <pvrabec@redhat.com> 0.1.3-2
+- spec file fixes (#491892)
+
+* Tue Mar 24 2009 Peter Vrabec <pvrabec@redhat.com> 0.1.3-1
+- upgrade
+
+* Thu Jan 15 2009 Tomas Heinrich <theinric@redhat.com> 0.1.1-1
+- Initial rpm
+