Accepting request 910102 from home:polslinux:branches:security:netfilter

- Update to release 7.15 * netfilter: ipset: Fix maximal range check in hash_ipportnet4_uadt() OBS-URL: https://build.opensuse.org/request/show/910102 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/ipset?expand=0&rev=102
2021-08-04 10:03:51 +00:00 · 2021-08-04 10:03:51 +00:00 · 0a6f4fb1f2
commit 0a6f4fb1f2
parent f81e0ee2f2
4 changed files with 42 additions and 36 deletions
--- a/ipset-7.14.tar.bz2
+++ b/ipset-7.14.tar.bz2
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:27031c36d355907031cce41e65553e99bb013d762fcd55392f63d7e84760f900
 size 680219
--- a/ipset-7.15.tar.bz2
+++ b/ipset-7.15.tar.bz2
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:0a5545aaadb640142c1f888d366a78ddf8724799967fa20686a70053bd621751
 size 680383
--- a/ipset.changes
+++ b/ipset.changes
@ -1,3 +1,10 @@
 -------------------------------------------------------------------
 Wed Aug  4 09:37:44 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>
 - Update to release 7.15
  * netfilter: ipset: Fix maximal range check in
    hash_ipportnet4_uadt()
 -------------------------------------------------------------------
 Wed Jul 28 14:54:37 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
--- a/ipset.spec
+++ b/ipset.spec
@ -25,29 +25,28 @@
 %define ipset_build_kmp 0
 %endif
 Name:           ipset
-Version:        7.14
+Version:        7.15
 Release:        0
 Summary:        Netfilter ipset administration utility
 License:        GPL-2.0-only
 Group:          Productivity/Networking/Security
-URL:            http://ipset.netfilter.org/
+URL:            https://ipset.netfilter.org/
 #Git-Clone:	git://git.netfilter.org/ipset
 #Git-Web:	http://git.netfilter.org/
-Source:         http://ipset.netfilter.org/%name-%version.tar.bz2
+Source:         http://ipset.netfilter.org/%{name}-%{version}.tar.bz2
-Source3:        %name-preamble
+Source3:        %{name}-preamble
 Patch1:         ipset-destdir.diff
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  libtool
 BuildRequires:  linux-glibc-devel >= 2.6.24
-BuildRequires:  pkg-config >= 0.21
+BuildRequires:  pkgconfig >= 0.21
 BuildRequires:  pkgconfig(libmnl) >= 1
 %if 0%{?ipset_build_kmp}
-BuildRequires:  %kernel_module_package_buildreqs
+BuildRequires:  %{kernel_module_package_buildreqs}
 BuildRequires:  kernel-devel >= 2.6.39
 %kernel_module_package -p %name-preamble
 BuildRequires:  kmod-compat
 %kernel_module_package -p %{name}-preamble
 %endif
 %description
@ -78,11 +77,11 @@ when matching an entry against a set.
 This package contains a version update to the in-kernel ipset modules.
-%package -n %lname
+%package -n %{lname}
 Summary:        Userspace library for the in-kernel Netfilter ipset interface
 Group:          System/Libraries
-%description -n %lname
+%description -n %{lname}
 IP sets are a framework inside the Linux kernel, which can be
 administered by the ipset utility. Depending on the type, currently
 an IP set may store IP addresses, (TCP/UDP) port numbers or IP
@ -92,7 +91,7 @@ when matching an entry against a set.
 %package devel
 Summary:        Development files for ipset extensions
 Group:          Development/Libraries/C and C++
-Requires:       %lname = %version
+Requires:       %{lname} = %{version}
 %description devel
 IP sets are a framework inside the Linux kernel, which can be
@ -109,49 +108,49 @@ when matching an entry against a set.
 export PATH="$PATH:%_sbindir"
 autoreconf -fi
 %if 0%{?ipset_build_kmp}
-for flavor in %flavors_to_build; do
+for flavor in %{flavors_to_build}; do
-	cp -a . "../%name-$flavor-%version"
+	cp -a . "../%{name}-$flavor-%{version}"
-	pushd "../%name-$flavor-%version/"
+	pushd "../%{name}-$flavor-%{version}/"
 	# ksource: it just checks for a header
 	%configure --disable-static \
-		--with-kbuild="%_prefix/src/linux-obj/%_target_cpu/$flavor" \
+		--with-kbuild="%{_prefix}/src/linux-obj/%{_target_cpu}/$flavor" \
-		--with-ksource="%_prefix/src/linux" \
+		--with-ksource="%{_prefix}/src/linux" \
-		--includedir="%_includedir/%name"
+		--includedir="%{_includedir}/%{name}"
-	make %{?_smp_mflags} all modules
+	%make_build all modules
 	popd
 done
 %endif
 %configure --disable-static --with-kmod=no \
-	--includedir="%_includedir/%name"
+	--includedir="%{_includedir}/%{name}"
-make %{?_smp_mflags} V=1
+%make_build
 %install
 export PATH="$PATH:%_sbindir"
-b="%buildroot"
+b=%{buildroot}
 %if 0%{?ipset_build_kmp}
-for flavor in %flavors_to_build; do
+for flavor in %{flavors_to_build}; do
-	pushd "../%name-$flavor-%version/"
+	pushd "../%{name}-$flavor-%{version}/"
 	make %{?_smp_mflags} install modules_install \
 		DESTDIR="$b" INSTALL_MOD_PATH="$b" V=1
 	popd
 done
 %endif
 %make_install
-find "$b/%_libdir/" -type f -name "*.la" -delete -print
+find %{buildroot} -type f -name "*.la" -delete -print
-%post   -n %lname -p /sbin/ldconfig
+%post   -n %{lname} -p /sbin/ldconfig
-%postun -n %lname -p /sbin/ldconfig
+%postun -n %{lname} -p /sbin/ldconfig
 %files
-%_sbindir/ipset*
+%{_sbindir}/ipset*
-%_mandir/man*/*
+%{_mandir}/man*/*
-%files -n %lname
+%files -n %{lname}
-%_libdir/libipset.so.13*
+%{_libdir}/libipset.so.13*
 %files devel
-%_libdir/libipset.so
+%{_libdir}/libipset.so
-%_libdir/pkgconfig/libipset.pc
+%{_libdir}/pkgconfig/libipset.pc
-%_includedir/%name/
+%{_includedir}/%{name}/
 %changelog