firewalld/firewalld.changes

-------------------------------------------------------------------
Mon Oct 31 12:07:49 UTC 2016 - mchandras@suse.de

- Update to version 0.4.4
  * firewall-applet: Use PyQt5
  * firewall-config: New nf_conntrack_select dialog, use nf_conntrack_helpers
    D-Bus property
  * New helpers Q.931 and RAS from nf_conntrack_h323
  * firewall.core.fw_zone: Add zone bingings for PREROUTING in the raw table
  * firewall.core.ipXtables: Add PREROUTING default rules for zones in raw
    table
  * New helper configuration files for amanda, ftp, irc, netbios-ns, pptp,
    sane, sip, snmp and tftp
  * firewall-cmd: Fixed --{get,set}-{description,short} for permanent zones
  * firewall.command: Do not use error code 254 for {ALREADY,NOT}_ENABLED
    sequences
  * Misc bug fixes.
  * For the complete list of changes please see:
    https://github.com/t-woerner/firewalld/releases/tag/v0.4.4

-------------------------------------------------------------------
Fri Sep  2 23:21:51 UTC 2016 - mchandras@suse.de

- Relax permissions for default installation files. The files in
  /usr/lib/firewalld are the default ones as shipped by the package and
  there is nothing secret in them.

-------------------------------------------------------------------
Tue Aug 16 17:51:30 UTC 2016 - mchandras@suse.de

- Update to version 0.4.3.3
  * Fixes CVE-2016-5410 (bsc#992772)
  * Standard error is now used for errors and warnings
  * Several fixes for use in change roots
  * Systemd service file changes
  * Fixed translations in firewall-config
  * Command line clients
  * Fixes infinite event handling loop in firewall-{config,applet} (bsc#992082)

-------------------------------------------------------------------
Tue Jul  5 14:02:18 UTC 2016 - mchandras@suse.de

- Update to version 0.4.3.2
  * Fix regression with unavailable optional commands
  * All missing backend messages should be warnings
  * Individual calls for missing restore commands
  * Only one authenticate call for add and remove options and also
    sequences
  * New service RH-Satellite-6

-------------------------------------------------------------------
Tue Jun 28 14:59:35 UTC 2016 - mchandras@suse.de

- Update to version 0.4.3.1
  * firewall.command: Fix python3 DBusException message not interable error
  * src/Makefile.am: Fix path in firewall-[offline-]cmd_test.sh while installing
  * firewallctl: Do not trace back on list command without further arguments
  * firewallctl (man1): Added remaining sections zone, service, ..
  * firewallctl: Added runtime-to-permanent, interface and source parser, IndividualCalls setting
  * firewall.server.config: Allow to set IndividualCalls property in config interface
  * Fix missing icmp rules for some zones
  * runProg: Fix issue with running programs
  * firewall-offline-cmd: Fix issues with missing system-config-firewall
  * firewall.core.ipXtables: Split up source and dest addresses for transaction
  * firewall.server.config: Log error in case of loading malformed files in watcher
  * Install and package the firewallctl man page
  * Translation updates

-------------------------------------------------------------------
Wed Jun 22 14:15:29 UTC 2016 - mchandras@suse.de

- Update to version 0.4.3
  * New firewallctl utility (RHBZ#1147959)
  * doc.xml.seealso: Show firewalld.dbus in See Also sections
  * firewall.core.fw_config: Create backup on zone, service, ipset and icmptype removal (RHBZ#1339251)
  * {zone,service,ipset,icmptype}_writer: Do not fail on failed backup
  * firewall-[offline-]cmd: Fix --new-X-from-file options for files in cwd
  * firewall-cmd: Dropped duplicate setType call in --new-ipset
  * radius service: Support also tcp ports (RBZ#1219717)
  * xmlschemas: Support source-port, protocol, icmp-block-inversion and ipset sources
  * config.xmlschema.service.xsd: Fix service destination conflicts (RHBZ#1296573)
  * firewall-cmd, firewalld man: Information about new NetworkManager and ifcfg
  * firewall.command: Only print summary and description in print_X_info with verbose
  * firewall.command: print_msg should be able to print empty lines
  * firewall-config: No processing of runtime passthroughs signals in permanent
  * Landspace.io fixes and pylint calm downs
  * firewall.core.io.zone: Add zone_reader and zone_writer to all, pylint fixes
  * firewall-config: Fixed titles of command and context dialogs, also entry lenths
  * firewall-config: pylint calm downs
  * firewall.core.fw_zone: Fix use of MAC source in rich rules without ipv limit
  * firewall-config: Use self.active_zoens in conf_zone_added_cb
  * firewall.command: New parse_port, extended parse methods with more checks
  * firewall.command: Fixed parse_port to use the separator in the split call
  * firewall.command: New [de]activate_exception_handler, raise error in parse_X
  * services ha: Allow corosync-qnetd port
  * firewall-applet: Support for kde5-nm-connection-editor
  * tests/firewall-offline-cmd_test.sh: New tests for service and icmptype modifications
  * firewall-offline-cmd: Use FirewallCommand for simplification and sequence options
  * tests/firewall-cmd_test.sh: New tests for service and icmptype modifications
  * firewall-cmd: Fixed set, remove and query destination options for services
  * firewall.core.io.service: Source ports have not been checked in _check_config
  * firewall.core.fw_zone: Method check_source_port is not used, removed
  * firewall.core.base: Added default to ZONE_TARGETS
  * firewall.client: Allow to remove ipv:address pair for service destinations
  * tests/firewall-offline-cmd_test.sh: There is no timeout option in permanent
  * firewall-cmd: Landscape.io fixes, pylint calm downs
  * firewall-cmd: Use FirewallCommand for simplification and sequence options
  * firewall.command: New FirewallCommand for command line client simplification
  * New services: kshell, rsh, ganglia-master, ganglia-client
  * firewalld: Cleanup of unused imports, do not translate some deamon messages
  * firewalld: With fd close interation in runProg, it is not needed here anymore
  * firewall.core.prog: Add fd close iteration to runProg
  * firewall.core.fw_nm: Hide NM typelib import, new nm_get_dbus_interface function
  * firewalld.spec: Require NetworkManager-libnm instead of NetworkManager-glib
  * firewall-config: New add/remove ipset entries from file, remove all entries
  * firewall-applet: Fix tooltip after applet start with connection to firewalld
  * firewall-config: Select new zone, service or icmptype if the view was empty
  * firewalld.spec: Added build requires for iptables, ebtables and ipset
  * Adding nf_conntrack_sip module to the service SIP
  * firewall: core: fw_ifcfg: Quickly return if ifcfg directory does not exist
  * Drop unneeded python shebangs
  * Translation updates
- Remove obsolete patches:
  * 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch
  * 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch
  * 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch
- Add missing %{?_smp_mflags} during install. This will speed up
  the installation phase as well as expose build system's problems
  due to higher level of parallelism.
- Run make during %build to ensure missing documentation is generated.
- spec file cleanups.

-------------------------------------------------------------------
Wed Jun  8 08:10:11 UTC 2016 - mchandras@suse.de

- Add upstream patch to prevent unconditional dependencies to the
  NetworkManager typelib (gh#t-woerner/firewalld#119)
  * 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch

-------------------------------------------------------------------
Tue May 31 08:30:44 UTC 2016 - mchandras@suse.de

- Update to version 0.4.2
  * New module to search for and change ifcfg files for interfaces
    not under control of NM
  * firewall_config: Enhanced messages in status bar
  * firewall-config: New message window as overlay if not connected
  * firewall-config: Fix sentivity of option, view menus and main
    paned if not connected
  * firewall-applet: Quit on SIGINT (Ctrl-C), reduced D-Bus calls,
    some cleanup
  * firewall-[offline]cmd: Show target in zone information
  * D-Bus: Completed masquerade methods in FirewallClientZoneSettings
  * Fixed log-denied rules for icmp-blocks
  * Keep sorting of interfaces, services, icmp-blocks and other
    settings in zones
  * Fixed runtime-to-permanent not to save interfaces under control
    of NM
  * New icmp-block-inversion flag in the zones
  * ICMP type filtering in the zones
  * New services: sip, sips, managesieve
  * rich rules: Allow destination action (RHBZ#1163428)
  * firewall-offline-cmd: New option -q/--quiet
  * firewall-[offline-]cmd: New --add-[zone,service,ipset,icmptype]-from-file
  * firewall-[offline-]cmd: Fix option for setting the destination
    address
  * firewall-config: Fixed resizing behaviour
  * New transaction model for speed ups in start, restart, stop and
    other actions
  * firewall-cmd: New options --load{zone,service,ipset,icmptype}-defaults
  * Fixed memory leak in dbus_introspection_add_properties
  * Landscape.io fixes, pylint calm downs
  * New D-Bus getXnames methods to speed up firewall-config and firewall-cmd
  * ebtables-restore: No support for COMMIT command
  * Source port support in services, zones and rich rules
  * firewall-offline-cmd: Added --{add,remove}-entries-from-file for ipsets
  * firewall-config: New active bindings side bar for simple binding changes
  * Reworked NetworkManager module
  * Proper default zone handling for NM connections
  * Try to set zone binding with NM if interface is under control of NM
  * Code cleanup and bug fixes
  * Include test suite in the release and install in /usr/share/firewalld/tests
  * New Travis-CI configuration file
  * Fixed more broken frensh translations
  * Translation updates
- Add upstream patches
  * 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch: Removes
    unneeded python shebangs
  * 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch: Do
    not try to access the network-scripts ifcfg directory.
- Drop rejected patch
  * drop-standard-output-error-systemd.patch
- Minor spec file clean-up

-------------------------------------------------------------------
Fri May  6 20:56:42 UTC 2016 - jengelh@inai.de

- Avoid runtime dependency on systemd, the macros can all deal with
  its absence.

-------------------------------------------------------------------
Fri Apr 29 08:27:12 UTC 2016 - mchandras@suse.de

- Suggest the susefirewall2-to-firewalld package which could assist
  in migrating the SuSEFirewall2 iptables rules to FirewallD.

-------------------------------------------------------------------
Thu Apr 21 08:15:19 UTC 2016 - mchandras@suse.de

- Update to version 0.4.1.2
  * Install fw_nm module
  * firewalld: Do not fail if log file could not be opened
  * Make ipsets visible per default in firewall-config
  * Fixed translations with python3
  [changes in 0.4.1.1]
  * Fix for broken frensh translation
  [changes in 0.4.1]
  * Enhancements of ipset handling
  * No cleanup of ipsets using timeouts while reloading
  * Only destroy conflicting ipsets
  * Only use ipset types supported by the system
  * Add and remove several ipset entries in one call using a file
  * Reduce time frame where builtin chains are on policy DROP while reloading
  * Include descriptions in --info-X calls
  * Command line interface support to get and alter descriptions of zones,
  * services, ipsets and icmptypes with permanent option
  * Properly watch changes in combined zones
  * Fix logging in rich rule forward rules
  * Transformed direct.passthrough errors into warnings
  * Rework of import structures
  * Reduced calls to get ids for port and protocol names (RHBZ#1305434)
  * Build and installation fixes by Markos Chandras
  * Provide D-Bus properties in introspection data
  * Fix for flaws found by landscape.io
  * Fix for repeated SUGHUP
  * New NetworkManager module to get and set zones of connections, used in
    firewall-applet and firewall-config
  * configure: Autodetect backend tools ({ip,ip6,eb}tables{,-restore}, ipset)
  * Code cleanups
  * Bug fixes
- Fix drop-standard-output-error-systemd.patch tagging
- Add libxslt-tools build dependency

-------------------------------------------------------------------
Tue Mar  8 14:27:23 UTC 2016 - mchandras@suse.de

- Do not recommend a specific version for the lang subpackage

-------------------------------------------------------------------
Tue Mar  1 21:51:37 UTC 2016 - mchandras@suse.de

- Move translations to a new subpackage

-------------------------------------------------------------------
Mon Feb 29 09:39:27 UTC 2016 - mchandras@suse.de

- Set DISABLE_RESTART_ON_UPDATE to 'yes' instead of '1'. The macros in
  /etc/rpm/macros.systemd only check for the 'yes' value so fix it to
  properly prevent the firewalld service from being restarted during
  updates.

-------------------------------------------------------------------
Mon Feb 22 13:18:19 UTC 2016 - mchandras@suse.de

- Drop typelib(NetworkManager), NetworkManager-glib, gtk3
  and libnotify dependencies (see OBS SR#360792)

-------------------------------------------------------------------
Mon Feb 22 10:18:26 UTC 2016 - jslaby@suse.com

- firewall-config needs typelib(NetworkManager) to run

-------------------------------------------------------------------
Mon Feb  1 11:28:12 UTC 2016 - mchandras@suse.de

- Initial commit. Version 0.4.0
  * drop-standard-output-error-systemd.patch (gh#t-woerner/firewalld/pull/67)