Accepting request 533852 from security:netfilter

- Update to new upstream release 1.0.8

OBS-URL: https://build.opensuse.org/request/show/533852
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libnftnl?expand=0&rev=9

baselibs.conf

@@ -1,4 +0,0 @@
-libnftnl4
-libnftnl-devel
-	requires -libnftnl-<targettype>
-	requires "libnftnl4-<targettype> = <version>"

bufferov.diff

@@ -0,0 +1,29 @@
+From: Jan Engelhardt <jengelh@inai.de>
+Date: 2017-10-13 02:43:06.480980575 +0200
+X-Upstream: reported
+
+resolve a potential buffer overflow when i > 9
+[reg->len > 36].
+
+
+expr/data_reg.c:69:27: warning: '%d' directive writing between 1 and
+10 bytes into a region of size 2 [-Wformat-overflow=]
+   sprintf(node_name, "data%d", i);
+
+---
+ src/expr/data_reg.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: libnftnl-1.0.8/src/expr/data_reg.c
+===================================================================
+--- libnftnl-1.0.8/src/expr/data_reg.c
++++ libnftnl-1.0.8/src/expr/data_reg.c
+@@ -60,7 +60,7 @@ static int nftnl_data_reg_value_json_par
+ 					 struct nftnl_parse_err *err)
+ {
+ 	int i;
+-	char node_name[6];
++	char node_name[16];
+ 
+ 	if (nftnl_jansson_parse_val(data, "len", NFTNL_TYPE_U8, &reg->len, err) < 0)
+ 			return DATA_NONE;

libnftnl-1.0.7.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9bb66ecbc64b8508249402f0093829f44177770ad99f6042b86b3a467d963982
-size 384969

libnftnl-1.0.8.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e6bdd799ef9c59fc247954aba9f2c6469d8e04cfaee73526728011eaa3632038
+size 400496

libnftnl.changes

@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Fri Oct 13 00:29:52 UTC 2017 - jengelh@inai.de
+
+- Update to new upstream release 1.0.8
+  * ct: add support for zone, helper and eventmask
+  * exthdr: tcp option set support
+  * rt: tcpmss get support
+  * ct: add average bytes per packet counter support
+  * exthdr: Add support for exthdr flags
+- Add bufferov.diff
+- Drop baselibs.conf
+
 -------------------------------------------------------------------
 Tue Dec 20 21:59:39 UTC 2016 - jengelh@inai.de
 

libnftnl.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package libnftnl
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,8 +17,8 @@
 
 
 Name:           libnftnl
-%define lname	libnftnl4
-Version:        1.0.7
+%define lname	libnftnl7
+Version:        1.0.8
 Release:        0
 Summary:        Userspace library to access the nftables Netlink interface
 License:        GPL-2.0+
@@ -28,7 +28,7 @@ Url:            http://netfilter.org/projects/libnftnl/
 #Git-Clone:	git://git.netfilter.org/libnftnl
 Source:         http://ftp.netfilter.org/pub/libnftnl/%name-%version.tar.bz2
 Source2:        http://ftp.netfilter.org/pub/libnftnl/%name-%version.tar.bz2.sig
-Source3:        baselibs.conf
+Patch1:         bufferov.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 # Normally, this require would not be needed, as upstream ships all headers.
 # Except when they don't and then don't bother fixing it.
@@ -51,9 +51,9 @@ libnftnl is a userspace library providing a low-level netlink
 programming interface (API) to the in-kernel nf_tables subsystem.
 
 %package devel
-Requires:       %lname = %version
-Summary:        Development files to libnftnl
+Summary:        Development files for libnftnl
 Group:          Development/Libraries/C and C++
+Requires:       %lname = %version
 
 %description devel
 libnftnl is a userspace library providing a low-level netlink
@@ -64,6 +64,7 @@ applications that want to make use of libnftnl.
 
 %prep
 %setup -q
+%patch -P 1 -p1
 
 %build
 %configure \
@@ -73,7 +74,7 @@ applications that want to make use of libnftnl.
 make %{?_smp_mflags}
 
 %install
-make install DESTDIR="%buildroot"
+%make_install
 rm -f "%buildroot/%_libdir"/*.la
 
 %post   -n %lname -p /sbin/ldconfig
@@ -81,7 +82,7 @@ rm -f "%buildroot/%_libdir"/*.la
 
 %files -n %lname
 %defattr(-,root,root)
-%_libdir/libnftnl.so.4*
+%_libdir/libnftnl.so.7*
 
 %files devel
 %defattr(-,root,root)