From a4d39985d9b7b262e9604e4a9c3150b46f8956ab919ef394f859f05092d2cb1e Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Wed, 3 Jun 2020 19:36:04 +0000 Subject: [PATCH] - Update to release 1.8.5 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/iptables?expand=0&rev=138 --- iptables-1.8.4.tar.bz2 | 3 --- iptables-1.8.4.tar.bz2.sig | Bin 590 -> 0 bytes iptables-1.8.5.tar.bz2 | 3 +++ iptables-1.8.5.tar.bz2.sig | Bin 0 -> 590 bytes iptables-apply-mktemp-fix.patch | 26 -------------------------- iptables-batch.patch | 14 +++++++------- iptables.changes | 8 ++++++++ iptables.spec | 16 +++++++--------- 8 files changed, 25 insertions(+), 45 deletions(-) delete mode 100644 iptables-1.8.4.tar.bz2 delete mode 100644 iptables-1.8.4.tar.bz2.sig create mode 100644 iptables-1.8.5.tar.bz2 create mode 100644 iptables-1.8.5.tar.bz2.sig delete mode 100644 iptables-apply-mktemp-fix.patch diff --git a/iptables-1.8.4.tar.bz2 b/iptables-1.8.4.tar.bz2 deleted file mode 100644 index cf3f7ae..0000000 --- a/iptables-1.8.4.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:993a3a5490a544c2cbf2ef15cf7e7ed21af1845baf228318d5c36ef8827e157c -size 704312 diff --git a/iptables-1.8.4.tar.bz2.sig b/iptables-1.8.4.tar.bz2.sig deleted file mode 100644 index ea5b4c2546fc5c5bef08b7437edb2b4b1837df745bbffe06aa29bf95284bfabd..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 590 zcmV-U04?5axQOjX8;Nb5UWO2p(fIj(xvJ-xiZlb(heMp&%5AA z1v?xA#^IAms$AgxU8g)z^l)^?B1$^JbRn0C%bVY*o`2V-S7U8XnfbW%?IK4o1%Zen znqO)fPdg_^E;pjtW^Qs-h_-1PlFNc`S~YcKtt=R{oYxtcR=@eE=pIkGry06dN~meM zE03W?G*Kv~bY=+m08V{O4}G}LUrQ&t3f-f!^oa4gmlb!m$#L2S-$X)6KVEThycoT~ zrYZ-D?D5=?V4~RR=*roBZ3O1ZH+28iWjm5I%e-LuAp0+;!4Li>38cnU8%k1_ea}e) zJvd!xZ!BL}9vRDdZ6FTTHl>U&qQ^m|Z@4D_u?Vj7li^o0OyEb+Jy2V77Tg}Kn}I5l zGjy{xoZmw#cF=Z<3VR^v4VYoURcN05+p>rMjt4bktK1vM&q{p4?5axQOjX8;Nb5UWO2p(fIjKp?zbQ$!*qHuYfc2sp8FOCAoFrj{FswmkxDTy+wPO%kqTbqe&CU z4F>Kc1-t`Is0bUt|C(pFk;MC=r*k@otM~SQJ-^@WgJgSysyOsw{*N~PE!W3> z96C3^sanPmXqz&T&*2c}EZzy4or-GaOydJlU~%r7mhsUFFIz4V$kA8w!9=7ea1Cp7DwT0UVCKQiArYBR@iT|qAIx`247=8^LR-dPLwusX7dcmZeS+$ zH1+tue7ct2qHpZJ>oSE8vO7e_?Pkfg+f~wHV=55r`Zw6M91etRSlXTa)Jw?7BRr+% cIR4TRcE`+KqNMc!VF0?A#-qrzxBpR#DnE%Ong9R* literal 0 HcmV?d00001 diff --git a/iptables-apply-mktemp-fix.patch b/iptables-apply-mktemp-fix.patch deleted file mode 100644 index 7bc9bcc..0000000 --- a/iptables-apply-mktemp-fix.patch +++ /dev/null @@ -1,26 +0,0 @@ ---- - iptables/iptables-apply | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -Index: iptables-1.8.1/iptables/iptables-apply -=================================================================== ---- iptables-1.8.1.orig/iptables/iptables-apply -+++ iptables-1.8.1/iptables/iptables-apply -@@ -111,7 +111,7 @@ if [[ ! -r "$FILE" ]]; then - exit 2 - fi - --COMMANDS=(tempfile "$SAVE" "$RESTORE") -+COMMANDS=(mktemp "$SAVE" "$RESTORE") - - for cmd in "${COMMANDS[@]}"; do - if ! command -v $cmd >/dev/null; then -@@ -122,7 +122,7 @@ done - - umask 0700 - --TMPFILE=$(tempfile -p iptap) -+TMPFILE=$(mktemp) - trap "rm -f $TMPFILE" EXIT HUP INT QUIT ILL TRAP ABRT BUS \ - FPE USR1 SEGV USR2 PIPE ALRM TERM - diff --git a/iptables-batch.patch b/iptables-batch.patch index 0533a27..45e5327 100644 --- a/iptables-batch.patch +++ b/iptables-batch.patch @@ -3,14 +3,14 @@ iptables/iptables-batch.c | 468 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 477 insertions(+) -Index: iptables-1.8.0/iptables/Makefile.am +Index: iptables-1.8.5/iptables/Makefile.am =================================================================== ---- iptables-1.8.0.orig/iptables/Makefile.am -+++ iptables-1.8.0/iptables/Makefile.am -@@ -98,3 +98,12 @@ install-exec-hook: - for i in ${v4_sbin_links}; do ${LN_S} -f xtables-legacy-multi "${DESTDIR}${sbindir}/$$i"; done; +--- iptables-1.8.5.orig/iptables/Makefile.am ++++ iptables-1.8.5/iptables/Makefile.am +@@ -111,3 +111,12 @@ install-exec-hook: for i in ${v6_sbin_links}; do ${LN_S} -f xtables-legacy-multi "${DESTDIR}${sbindir}/$$i"; done; for i in ${x_sbin_links}; do ${LN_S} -f xtables-nft-multi "${DESTDIR}${sbindir}/$$i"; done; + ${LN_S} -f iptables-apply "${DESTDIR}${sbindir}/ip6tables-apply" + +iptables_legacy_batch_SOURCES = iptables-batch.c iptables.c xshared.c +iptables_legacy_batch_LDFLAGS = ${xtables_legacy_multi_LDFLAGS} @@ -20,10 +20,10 @@ Index: iptables-1.8.0/iptables/Makefile.am +ip6tables_legacy_batch_LDFLAGS = ${xtables_legacy_multi_LDFLAGS} +ip6tables_legacy_batch_LDADD = ${xtables_legacy_multi_LDADD} +sbin_PROGRAMS += iptables-legacy-batch ip6tables-legacy-batch -Index: iptables-1.8.0/iptables/iptables-batch.c +Index: iptables-1.8.5/iptables/iptables-batch.c =================================================================== --- /dev/null -+++ iptables-1.8.0/iptables/iptables-batch.c ++++ iptables-1.8.5/iptables/iptables-batch.c @@ -0,0 +1,468 @@ +/* + * Author: Ludwig Nussel diff --git a/iptables.changes b/iptables.changes index ff4fe8d..8e7294b 100644 --- a/iptables.changes +++ b/iptables.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Wed Jun 3 13:21:57 UTC 2020 - Jan Engelhardt + +- Update to release 1.8.5 + * IDLETIMER: Add alarm timer option + * nft: CT: add translation for NOTRACK +- Drop iptables-apply-mktemp-fix.patch (seemingly applied) + ------------------------------------------------------------------- Mon Dec 2 20:01:25 UTC 2019 - Jan Engelhardt diff --git a/iptables.spec b/iptables.spec index 1431df4..d4e1fb6 100644 --- a/iptables.spec +++ b/iptables.spec @@ -1,7 +1,7 @@ # # spec file for package iptables # -# Copyright (c) 2019 SUSE LLC +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: iptables -Version: 1.8.4 +Version: 1.8.5 Release: 0 Summary: IP packet filter administration utilities License: GPL-2.0-only AND Artistic-2.0 @@ -27,12 +27,10 @@ URL: https://netfilter.org/projects/iptables/ Source: https://netfilter.org/projects/iptables/files/%name-%version.tar.bz2 Source2: https://netfilter.org/projects/iptables/files/%name-%version.tar.bz2.sig Source3: %name.keyring -Patch3: iptables-batch.patch -Patch4: iptables-apply-mktemp-fix.patch -Patch5: iptables-batch-lock.patch -Patch6: iptables-1.8.2-dont_read_garbage.patch +Patch1: iptables-batch.patch +Patch2: iptables-batch-lock.patch +Patch3: iptables-1.8.2-dont_read_garbage.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bison BuildRequires: fdupes BuildRequires: flex >= 2.5.33 @@ -42,7 +40,7 @@ BuildRequires: xz BuildRequires: pkgconfig(libmnl) >= 1.0 BuildRequires: pkgconfig(libnetfilter_conntrack) >= 1.0.4 BuildRequires: pkgconfig(libnfnetlink) >= 1.0.0 -BuildRequires: pkgconfig(libnftnl) >= 1.1.5 +BuildRequires: pkgconfig(libnftnl) >= 1.1.6 Requires: netcfg >= 11.6 Requires: xtables-plugins = %version-%release Requires(post): update-alternatives @@ -177,7 +175,6 @@ b="%buildroot" rm -f "$b/%_libdir/"libiptc.so* # iptables-apply is not installed by upstream Makefile install -m0755 iptables/iptables-apply "$b/%_sbindir/" -install -m0644 iptables/iptables-apply.8 "$b/%_mandir/man8/" rm -f "$b/%_libdir"/*.la rm -f "$b/%_sysconfdir/ethertypes" # -> netcfg @@ -242,6 +239,7 @@ fi %_sbindir/iptables-legacy* %_sbindir/iptables-nft* %_sbindir/iptables-*translate* +%_sbindir/ip6tables-apply %_sbindir/ip6tables-legacy* %_sbindir/ip6tables-nft* %_sbindir/ip6tables-*translate*