From acf90dc2e9fe2ecac24a9471f4bc111d9f7793af95b5800cae54cf7ca79254c1 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Fri, 13 Oct 2017 00:46:55 +0000
Subject: [PATCH] - Update to new upstream release 1.0.8

OBS-URL: https://build.opensuse.org/package/show/security:netfilter/libnftnl?expand=0&rev=28
---
 baselibs.conf              |   4 ----
 bufferov.diff              |  29 +++++++++++++++++++++++++++++
 libnftnl-1.0.7.tar.bz2     |   3 ---
 libnftnl-1.0.7.tar.bz2.sig | Bin 543 -> 0 bytes
 libnftnl-1.0.8.tar.bz2     |   3 +++
 libnftnl-1.0.8.tar.bz2.sig | Bin 0 -> 543 bytes
 libnftnl.changes           |  12 ++++++++++++
 libnftnl.spec              |  17 +++++++++--------
 8 files changed, 53 insertions(+), 15 deletions(-)
 delete mode 100644 baselibs.conf
 create mode 100644 bufferov.diff
 delete mode 100644 libnftnl-1.0.7.tar.bz2
 delete mode 100644 libnftnl-1.0.7.tar.bz2.sig
 create mode 100644 libnftnl-1.0.8.tar.bz2
 create mode 100644 libnftnl-1.0.8.tar.bz2.sig

diff --git a/baselibs.conf b/baselibs.conf
deleted file mode 100644
index 6e38a4f..0000000
--- a/baselibs.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-libnftnl4
-libnftnl-devel
-	requires -libnftnl-<targettype>
-	requires "libnftnl4-<targettype> = <version>"
diff --git a/bufferov.diff b/bufferov.diff
new file mode 100644
index 0000000..4567e6d
--- /dev/null
+++ b/bufferov.diff
@@ -0,0 +1,29 @@
+From: Jan Engelhardt <jengelh@inai.de>
+Date: 2017-10-13 02:43:06.480980575 +0200
+X-Upstream: reported
+
+resolve a potential buffer overflow when i > 9
+[reg->len > 36].
+
+
+expr/data_reg.c:69:27: warning: '%d' directive writing between 1 and
+10 bytes into a region of size 2 [-Wformat-overflow=]
+   sprintf(node_name, "data%d", i);
+
+---
+ src/expr/data_reg.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: libnftnl-1.0.8/src/expr/data_reg.c
+===================================================================
+--- libnftnl-1.0.8/src/expr/data_reg.c
++++ libnftnl-1.0.8/src/expr/data_reg.c
+@@ -60,7 +60,7 @@ static int nftnl_data_reg_value_json_par
+ 					 struct nftnl_parse_err *err)
+ {
+ 	int i;
+-	char node_name[6];
++	char node_name[16];
+ 
+ 	if (nftnl_jansson_parse_val(data, "len", NFTNL_TYPE_U8, &reg->len, err) < 0)
+ 			return DATA_NONE;
diff --git a/libnftnl-1.0.7.tar.bz2 b/libnftnl-1.0.7.tar.bz2
deleted file mode 100644
index 7b66437..0000000
--- a/libnftnl-1.0.7.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9bb66ecbc64b8508249402f0093829f44177770ad99f6042b86b3a467d963982
-size 384969
diff --git a/libnftnl-1.0.7.tar.bz2.sig b/libnftnl-1.0.7.tar.bz2.sig
deleted file mode 100644
index ace74c812696a8319d44be18f3c464b9d758a175a815aa29f59ebaf40c813ce5..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 543
zcmV+)0^t3L0vrSY0RjL91p-)DTGapw2@tDBRiP%*lH^mw5C41ZAGwh$yz{qtNeWUL
z8d!R*K_rAE)~cc`Cb(eWrKe0_Z#wV9Fu^$?xjf1xxQniv-`m)bg{XsP#niyJcThte
zi?+tuQi$$?NCGhPqalQqZL!AZMqrz9n>MG1i8hxkIf+yfkvSGRQ0GX{=MDIC&AiXZ
z7S=hEIkOgWeFPc0r<L%f0rV%_vPee<0i2j_2Rgq5q=}SWUQJB<MsI1{JWnB}DSHX;
zkeK!qhnIR%q^au(qX>r%_85ZJo~-s$&9aG9%*2G)Nx!8Qc*OM;34W&%;kqOisHNCX
z*mJ!4Yi;i^w&!@{{@su>ou_%f(+{OKuhmSA{t>GS<59xK&UJt+nx-{;E9&m>jeO9U
z%yQdfVM_Zk{*6+(Si?8rdJ`W#{Z#@Yu{1S#WV`Rqx0LrQYix}$2Lhovjq0$?#_kbl
zg|aCrVP-Ei;PR!^ONcY*Z8+iF74R&wLlR>puevf(3-R*!Nx2RZ@yD)+C$GXSd<+{f
z8Ipr1DI5Qsv5@E=x?t%oq3v@;BQVQMw6`06kR2T*D<ft1gkyKR<>uyn{&zWIbR)A6
zNgg?t4N9jj3V&3iFP=hxywOy#tZvuAsKmrc!A#)7?bGVK^<uH*3i6oJl$E$CT1iFQ
hctJ@EN`nx;wP@PB<Gw5Gy;OTyp!+ujK+e^FXS#_13{(IB

diff --git a/libnftnl-1.0.8.tar.bz2 b/libnftnl-1.0.8.tar.bz2
new file mode 100644
index 0000000..5ac1228
--- /dev/null
+++ b/libnftnl-1.0.8.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e6bdd799ef9c59fc247954aba9f2c6469d8e04cfaee73526728011eaa3632038
+size 400496
diff --git a/libnftnl-1.0.8.tar.bz2.sig b/libnftnl-1.0.8.tar.bz2.sig
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..e3db27f1229290e54fa4c1e3cd482616d75a406ec4dc5ce7837024f495edd5cf
GIT binary patch
literal 543
zcmV+)0^t3L0vrSY0RjL91p-;${Nn%$2@tDBRiP%*lH~ZC5Bv$39P26I<7cadh@;)w
z<`K3}<YY5{*rE%tGuB321pu_>!@t%59XGX#hlF{kJ3tu5vq!B%{p`3t4yI}uI2pWi
z0@1%!iBQ%AtfM`Tw}!5S5RsXd&vOCzn2Uyi>nS9)%>AmwzJ=BvN}Mr;z4hfd>9=QX
ze#U-iGwPHFlofu3xhloe3h9#Ii6loW(x@+EYOBK5L8OlfrH>|ZocfFl&F%(|&Lk>s
zSQXcs+XoDAG~AskLn$=+v#5zNx#)Yc#jj^B#E_4grhOFEhqE9!(Sihr(HTH+pBIca
zH!bi_#4YcTmS2YJpVf6K8@lNKVrn(AjQQC!Bg^mN890ewKfNd!26Ykmk%6k(%m+ts
z3etDQaKowbknkD+`LKcDyCQfOsHtAt7v5QOXc2+rF=t%c$9XM*IoZ)T=V%RXQ!)wB
zti-jZP{Gaa=}m!g-C)G`*_{0`R52+QLjFNe*|sgu7#k3Ac;VFZCSuOjOc5!r+zn_e
zfVJ~az)rUVS7$+se{yaI4d^qOF{sSNL~F<_X+;#_-k-|9Xhg_`acj1219(;KQM#w*
z5i249u}&Lec5rMcr-r)`G@;2nE=3NuBG}a}7LsJX>nAg430UN(sw}``M1WE|U}5p0
h&;9PD`<WfSuFd5QA<{}kbZEcJ$vkfOhi_iNQ{jyF3kd)K

literal 0
HcmV?d00001

diff --git a/libnftnl.changes b/libnftnl.changes
index e3b325a..577a240 100644
--- a/libnftnl.changes
+++ b/libnftnl.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Fri Oct 13 00:29:52 UTC 2017 - jengelh@inai.de
+
+- Update to new upstream release 1.0.8
+  * ct: add support for zone, helper and eventmask
+  * exthdr: tcp option set support
+  * rt: tcpmss get support
+  * ct: add average bytes per packet counter support
+  * exthdr: Add support for exthdr flags
+- Add bufferov.diff
+- Drop baselibs.conf
+
 -------------------------------------------------------------------
 Tue Dec 20 21:59:39 UTC 2016 - jengelh@inai.de
 
diff --git a/libnftnl.spec b/libnftnl.spec
index 970b4a0..ae86913 100644
--- a/libnftnl.spec
+++ b/libnftnl.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package libnftnl
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,8 +17,8 @@
 
 
 Name:           libnftnl
-%define lname	libnftnl4
-Version:        1.0.7
+%define lname	libnftnl7
+Version:        1.0.8
 Release:        0
 Summary:        Userspace library to access the nftables Netlink interface
 License:        GPL-2.0+
@@ -28,7 +28,7 @@ Url:            http://netfilter.org/projects/libnftnl/
 #Git-Clone:	git://git.netfilter.org/libnftnl
 Source:         http://ftp.netfilter.org/pub/libnftnl/%name-%version.tar.bz2
 Source2:        http://ftp.netfilter.org/pub/libnftnl/%name-%version.tar.bz2.sig
-Source3:        baselibs.conf
+Patch1:         bufferov.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 # Normally, this require would not be needed, as upstream ships all headers.
 # Except when they don't and then don't bother fixing it.
@@ -51,9 +51,9 @@ libnftnl is a userspace library providing a low-level netlink
 programming interface (API) to the in-kernel nf_tables subsystem.
 
 %package devel
-Requires:       %lname = %version
-Summary:        Development files to libnftnl
+Summary:        Development files for libnftnl
 Group:          Development/Libraries/C and C++
+Requires:       %lname = %version
 
 %description devel
 libnftnl is a userspace library providing a low-level netlink
@@ -64,6 +64,7 @@ applications that want to make use of libnftnl.
 
 %prep
 %setup -q
+%patch -P 1 -p1
 
 %build
 %configure \
@@ -73,7 +74,7 @@ applications that want to make use of libnftnl.
 make %{?_smp_mflags}
 
 %install
-make install DESTDIR="%buildroot"
+%make_install
 rm -f "%buildroot/%_libdir"/*.la
 
 %post   -n %lname -p /sbin/ldconfig
@@ -81,7 +82,7 @@ rm -f "%buildroot/%_libdir"/*.la
 
 %files -n %lname
 %defattr(-,root,root)
-%_libdir/libnftnl.so.4*
+%_libdir/libnftnl.so.7*
 
 %files devel
 %defattr(-,root,root)