rpms/ipset
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import CS ipset-7.22-10.el10

Browse Source
This commit is contained in:
AlmaLinux RelEng Bot 2026-04-07 06:29:48 -04:00
parent 3e5df62049
commit 342f534333
8 changed files with 498 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
ipset-7.21.tar.bz2
ipset-7.22.tar.bz2

23
0001-Replace-BUG_ON-with-WARN_ON_ONCE-according-to-usage-.patch Normal file
View File

@ -0,0 +1,23 @@
From 21080dc79c4e9244149aa78f6a8f7fbb6f4b8e81 Mon Sep 17 00:00:00 2001
From: Jozsef Kadlecsik <kadlec@netfilter.org>
Date: Thu, 6 Jun 2024 08:57:11 +0200
Subject: [PATCH] Replace BUG_ON() with WARN_ON_ONCE() according to usage
policy.
---
kernel/net/netfilter/ipset/ip_set_list_set.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/net/netfilter/ipset/ip_set_list_set.c b/kernel/net/netfilter/ipset/ip_set_list_set.c
index fd78e2db06e4f..0d3e5a7331f26 100644
--- a/kernel/net/netfilter/ipset/ip_set_list_set.c
+++ b/kernel/net/netfilter/ipset/ip_set_list_set.c
@@ -432,7 +432,7 @@ list_set_destroy(struct ip_set *set)
{
struct list_set *map = set->data;
- BUG_ON(!list_empty(&map->members));
+ WARN_ON_ONCE(!list_empty(&map->members));
kfree(map);
set->data = NULL;

54
0002-lib-data-Fix-for-global-buffer-overflow-warning-by-A.patch Normal file
View File

@ -0,0 +1,54 @@
From f1bcacf5eeb8620ea684524e1ce9c3951a77f1f9 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Thu, 27 Jun 2024 10:18:16 +0200
Subject: [PATCH] lib: data: Fix for global-buffer-overflow warning by ASAN
After compiling with CFLAGS="-fsanitize=address -g", running the
testsuite triggers the following warning:
| ipmap: Range: Check syntax error: missing range/from-to: FAILED
| Failed test: ../src/ipset 2>.foo.err -N test ipmap
| =================================================================
| ==4204==ERROR: AddressSanitizer: global-buffer-overflow on address 0x55a21e77172a at pc 0x7f1ef246f2a6 bp 0x7fffed8f4f40 sp 0x7fffed8f46e8
| READ of size 32 at 0x55a21e77172a thread T0
| #0 0x7f1ef246f2a5 in __interceptor_memcpy /var/tmp/portage/sys-devel/gcc-13.2.1_p20231014/work/gcc-13-20231014/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:899
| #1 0x55a21e758bf6 in ipset_strlcpy /home/n0-1/git/ipset/lib/data.c:119
| #2 0x55a21e758bf6 in ipset_data_set /home/n0-1/git/ipset/lib/data.c:349
| #3 0x55a21e75ee2f in ipset_parse_typename /home/n0-1/git/ipset/lib/parse.c:1819
| #4 0x55a21e754119 in ipset_parser /home/n0-1/git/ipset/lib/ipset.c:1205
| #5 0x55a21e752cef in ipset_parse_argv /home/n0-1/git/ipset/lib/ipset.c:1344
| #6 0x55a21e74ea45 in main /home/n0-1/git/ipset/src/ipset.c:38
| #7 0x7f1ef224cf09 (/lib64/libc.so.6+0x23f09)
| #8 0x7f1ef224cfc4 in __libc_start_main (/lib64/libc.so.6+0x23fc4)
| #9 0x55a21e74f040 in _start (/home/n0-1/git/ipset/src/ipset+0x1d040)
|
| 0x55a21e77172a is located 54 bytes before global variable '*.LC1' defined in 'ipset_bitmap_ip.c' (0x55a21e771760) of size 19
| '*.LC1' is ascii string 'IP|IP/CIDR|FROM-TO'
| 0x55a21e77172a is located 0 bytes after global variable '*.LC0' defined in 'ipset_bitmap_ip.c' (0x55a21e771720) of size 10
| '*.LC0' is ascii string 'bitmap:ip'
Fix this by avoiding 'src' array overstep in ipset_strlcpy(): In
contrast to strncpy(), memcpy() does not respect NUL-chars in input but
stubbornly reads as many bytes as specified.
Fixes: a7432ba786ca4 ("Workaround misleading -Wstringop-truncation warning")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>
---
lib/data.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/data.c b/lib/data.c
index c05b20144cdad..64cad7a377302 100644
--- a/lib/data.c
+++ b/lib/data.c
@@ -111,6 +111,9 @@ ipset_strlcpy(char *dst, const char *src, size_t len)
assert(dst);
assert(src);
+ if (strlen(src) < len)
+ len = strlen(src) + 1;
+
memcpy(dst, src, len);
dst[len - 1] = '\0';
}

3
0001-lib-ipset-Avoid-argv-array-overstepping.patch → 0003-lib-ipset-Avoid-argv-array-overstepping.patch
View File

@ -1,4 +1,4 @@
From 90f9e82d1db7f81c8d1e41de9fadb82d51c9a2d0 Mon Sep 17 00:00:00 2001
From 851cb04ffee5040f1e0063f77c3fe9bc6245e0fb Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Thu, 27 Jun 2024 10:18:17 +0200
Subject: [PATCH] lib: ipset: Avoid 'argv' array overstepping
@ -16,7 +16,6 @@ did.
Fixes: 1e6e8bd9a62aa ("Third stage to ipset-5")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>
(cherry picked from commit 851cb04ffee5040f1e0063f77c3fe9bc6245e0fb)
---
lib/ipset.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

354
0004-tests-Reduce-testsuite-run-time.patch Normal file
View File

@ -0,0 +1,354 @@
From 5c9ef9016d2781f6e07a544e34ec9f4a8d65d0e2 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Thu, 27 Jun 2024 10:18:18 +0200
Subject: [PATCH] tests: Reduce testsuite run-time
Where acceptable, batch add set element calls to avoid overhead of
excessive 'ipset' program spawns. On my (slow) testing VM, this patch
reduces a full run of tests/runtest.sh from ~70min down to ~11min.
This might eliminate the situation being tested: resize.sh might be such
a case so batch only 255 'ipset add' calls and continue to repeat these
batched calls 32 times in hopes that it still qualifies as the resizing
stress test tests/hash:ip.t calls it.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>
---
tests/resize.sh | 4 ++--
tests/resizec.sh | 32 +++++++++++++--------------
tests/resizen.sh | 49 ++++++++++++++++++++---------------------
tests/resizet.sh | 40 ++++++++++++++++-----------------
tests/setlist_resize.sh | 4 ++--
5 files changed, 64 insertions(+), 65 deletions(-)
diff --git a/tests/resize.sh b/tests/resize.sh
index 19b93fb01876c..9069b4970e92d 100755
--- a/tests/resize.sh
+++ b/tests/resize.sh
@@ -9,6 +9,6 @@ set -e
$ipset n resize-test hash:ip hashsize 64
for x in `seq 1 32`; do
for y in `seq 1 255`; do
- $ipset a resize-test 192.168.$x.$y
- done
+ echo "a resize-test 192.168.$x.$y"
+ done | $ipset restore
done
diff --git a/tests/resizec.sh b/tests/resizec.sh
index 28d674769f76f..781acf74c38dd 100755
--- a/tests/resizec.sh
+++ b/tests/resizec.sh
@@ -25,65 +25,65 @@ case "$2" in
$ipset n test hash:ip $1 hashsize 64 comment
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y comment "text $ip$x$sep$y"
+ echo "a test $ip$x$sep$y comment \"text $ip$x$sep$y\""
done
- done
+ done | $ipset restore
;;
ipport)
$ipset n test hash:ip,port $1 hashsize 64 comment
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y,1023 "text $ip$x$sep$y,1023"
+ echo "a test $ip$x$sep$y,1023 \"text $ip$x$sep$y,1023\""
done
- done
+ done | $ipset restore
;;
ipportip)
$ipset n test hash:ip,port,ip $1 hashsize 64 comment
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y,1023,$ip2 comment "text $ip$x$sep$y,1023,$ip2"
+ echo "a test $ip$x$sep$y,1023,$ip2 comment \"text $ip$x$sep$y,1023,$ip2\""
done
- done
+ done | $ipset restore
;;
ipportnet)
$ipset n test hash:ip,port,net $1 hashsize 64 comment
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y,1023,$ip2/$net comment "text $ip$x$sep$y,1023,$ip2/$net"
+ echo "a test $ip$x$sep$y,1023,$ip2/$net comment \"text $ip$x$sep$y,1023,$ip2/$net\""
done
- done
+ done | $ipset restore
;;
net)
$ipset n test hash:net $1 hashsize 64 comment
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net comment "text $ip$x$sep$y/$net"
+ echo "a test $ip$x$sep$y/$net comment \"text $ip$x$sep$y/$net\""
done
- done
+ done | $ipset restore
;;
netnet)
$ipset n test hash:net,net $1 hashsize 64 comment
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net,$ip$y$sep$x/$net comment "text $ip$x$sep$y/$net,$ip$y$sep$x/$net"
+ echo "a test $ip$x$sep$y/$net,$ip$y$sep$x/$net comment \"text $ip$x$sep$y/$net,$ip$y$sep$x/$net\""
done
- done
+ done | $ipset restore
;;
netport)
$ipset n test hash:net,port $1 hashsize 64 comment
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net,1023 comment "text $ip$x$sep$y/$net,1023"
+ echo "a test $ip$x$sep$y/$net,1023 comment \"text $ip$x$sep$y/$net,1023\""
done
- done
+ done | $ipset restore
;;
netiface)
$ipset n test hash:net,iface $1 hashsize 64 comment
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net,eth0 comment "text $ip$x$sep$y/$net,eth0"
+ echo "$ipset a test $ip$x$sep$y/$net,eth0 comment \"text $ip$x$sep$y/$net,eth0\""
done
- done
+ done | $ipset restore
;;
esac
$ipset l test | grep ^$ip | while read x y z; do
diff --git a/tests/resizen.sh b/tests/resizen.sh
index 9322bd2a2cfce..13221f7b0894a 100755
--- a/tests/resizen.sh
+++ b/tests/resizen.sh
@@ -25,80 +25,79 @@ case "$2" in
$ipset n test hash:ip,port,net $1 hashsize 64
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y,1023,$ip2/$net nomatch
+ echo "a test $ip$x$sep$y,1023,$ip2/$net nomatch"
done
- done
+ done | $ipset restore
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset t test $ip$x$sep$y,1023,$ip2/$net nomatch 2>/dev/null
+ echo "t test $ip$x$sep$y,1023,$ip2/$net nomatch"
done
- done
+ done | $ipset restore 2>/dev/null
;;
netportnet)
$ipset n test hash:net,port,net $1 hashsize 64
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y,1023,$ip2/$net nomatch
+ echo "a test $ip$x$sep$y,1023,$ip2/$net nomatch"
done
- done
+ done | $ipset restore
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset t test $ip$x$sep$y,1023,$ip2/$net nomatch 2>/dev/null
+ echo "t test $ip$x$sep$y,1023,$ip2/$net nomatch"
done
- done
+ done | $ipset restore 2>/dev/null
;;
net)
$ipset n test hash:net $1 hashsize 64
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net nomatch
+ echo "a test $ip$x$sep$y/$net nomatch"
done
- done
+ done | $ipset restore
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset t test $ip$x$sep$y/$net nomatch 2>/dev/null
+ echo "t test $ip$x$sep$y/$net nomatch"
done
- done
+ done | $ipset restore 2>/dev/null
;;
netnet)
$ipset n test hash:net,net $1 hashsize 64
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net,$ip$y$sep$x/$net nomatch
+ echo "a test $ip$x$sep$y/$net,$ip$y$sep$x/$net nomatch"
done
- done
+ done | $ipset restore
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset t test $ip$x$sep$y/$net,$ip$y$sep$x/$net nomatch \
- 2>/dev/null
+ echo "t test $ip$x$sep$y/$net,$ip$y$sep$x/$net nomatch"
done
- done
+ done | $ipset restore 2>/dev/null
;;
netport)
$ipset n test hash:net,port $1 hashsize 64
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net,1023 nomatch
+ echo "a test $ip$x$sep$y/$net,1023 nomatch"
done
- done
+ done | $ipset restore
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset t test $ip$x$sep$y/$net,1023 nomatch 2>/dev/null
+ echo "t test $ip$x$sep$y/$net,1023 nomatch"
done
- done
+ done | $ipset restore 2>/dev/null
;;
netiface)
$ipset n test hash:net,iface $1 hashsize 64
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net,eth0 nomatch
+ echo "a test $ip$x$sep$y/$net,eth0 nomatch"
done
- done
+ done | $ipset restore
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset t test $ip$x$sep$y/$net,eth0 nomatch 2>/dev/null
+ echo "t test $ip$x$sep$y/$net,eth0 nomatch"
done
- done
+ done | $ipset restore 2>/dev/null
;;
esac
$ipset x
diff --git a/tests/resizet.sh b/tests/resizet.sh
index eed4abf2bd86e..e8fdd732435ab 100755
--- a/tests/resizet.sh
+++ b/tests/resizet.sh
@@ -25,81 +25,81 @@ case "$2" in
$ipset n test hash:ip $1 hashsize 64 timeout 100
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y
+ echo "a test $ip$x$sep$y"
done
- done
+ done | $ipset restore
;;
ipmark)
$ipset n test hash:ip,mark $1 hashsize 64 timeout 100
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y,1023
+ echo "a test $ip$x$sep$y,1023"
done
- done
+ done | $ipset restore
;;
ipport)
$ipset n test hash:ip,port $1 hashsize 64 timeout 100
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y,1023
+ echo "a test $ip$x$sep$y,1023"
done
- done
+ done | $ipset restore
;;
ipportip)
$ipset n test hash:ip,port,ip $1 hashsize 64 timeout 100
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y,1023,$ip2
+ echo "a test $ip$x$sep$y,1023,$ip2"
done
- done
+ done | $ipset restore
;;
ipportnet)
$ipset n test hash:ip,port,net $1 hashsize 64 timeout 100
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y,1023,$ip2/$net
+ echo "a test $ip$x$sep$y,1023,$ip2/$net"
done
- done
+ done | $ipset restore
;;
netportnet)
$ipset n test hash:net,port,net $1 hashsize 64 timeout 100
for x in `seq 0 16`; do
for y in `seq 0 128`; do
- $ipset a test $ip$x$sep$y/$net,1023,$ip$y$sep$x/$net
+ echo "a test $ip$x$sep$y/$net,1023,$ip$y$sep$x/$net"
done
- done
+ done | $ipset restore
;;
net)
$ipset n test hash:net $1 hashsize 64 timeout 100
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net
+ echo "a test $ip$x$sep$y/$net"
done
- done
+ done | $ipset restore
;;
netnet)
$ipset n test hash:net,net $1 hashsize 64 timeout 100
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net,$ip$y$sep$x/$net
+ echo "a test $ip$x$sep$y/$net,$ip$y$sep$x/$net"
done
- done
+ done | $ipset restore
;;
netport)
$ipset n test hash:net,port $1 hashsize 64 timeout 100
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net,1023
+ echo "a test $ip$x$sep$y/$net,1023"
done
- done
+ done | $ipset restore
;;
netiface)
$ipset n test hash:net,iface $1 hashsize 64 timeout 100
for x in `seq 0 16`; do
for y in `seq 0 255`; do
- $ipset a test $ip$x$sep$y/$net,eth0
+ echo "a test $ip$x$sep$y/$net,eth0"
done
- done
+ done | $ipset restore
;;
esac
$ipset l test | grep ^$ip | while read x y z; do
diff --git a/tests/setlist_resize.sh b/tests/setlist_resize.sh
index 1c2be327b841a..acb33e3ba0f08 100755
--- a/tests/setlist_resize.sh
+++ b/tests/setlist_resize.sh
@@ -25,9 +25,9 @@ rmmod ip_set >/dev/null 2>&1
create() {
n=$1
while [ $n -le 1024 ]; do
- $ipset c test$n hash:ip
+ echo "c test$n hash:ip"
n=$((n+2))
- done
+ done | $ipset restore
}
for x in `seq 1 $loop`; do

2
ipset.save-legacy Normal file
View File

@ -0,0 +1,2 @@
#!/bin/bash
exec /usr/libexec/ipset/ipset.start-stop save

68
ipset.spec
View File

@ -1,6 +1,9 @@
# service legacy actions
%define legacy_actions %{_libexecdir}/initscripts/legacy-actions
Name: ipset
Version: 7.21
Release: 3%{?dist}
Version: 7.22
Release: 10%{?dist}
Summary: Manage Linux IP sets
License: GPL-2.0-only
@ -9,8 +12,12 @@ Source0: %{url}/%{name}-%{version}.tar.bz2
Source1: %{name}.service
Source2: %{name}.start-stop
Source3: %{name}-config
Source4: %{name}.save-legacy
Patch0001: 0001-lib-ipset-Avoid-argv-array-overstepping.patch
Patch001: 0001-Replace-BUG_ON-with-WARN_ON_ONCE-according-to-usage-.patch
Patch002: 0002-lib-data-Fix-for-global-buffer-overflow-warning-by-A.patch
Patch003: 0003-lib-ipset-Avoid-argv-array-overstepping.patch
Patch004: 0004-tests-Reduce-testsuite-run-time.patch
BuildRequires: libmnl-devel
BuildRequires: automake
@ -22,6 +29,15 @@ BuildRequires: libtool-ltdl-devel
# An explicit requirement is needed here, to avoid cases where a user would
# explicitly update only one of the two (e.g 'yum update ipset')
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
# RHEL10 moved ipset-specific kernel modules into extra package
Requires: (kernel-modules-extra if kernel-modules-core)
Requires: (kernel-rt-modules-extra if kernel-rt-modules-core)
Requires: (kernel-64k-modules-extra if kernel-64k-modules-core)
Requires: (kernel-rt-64k-modules-extra if kernel-rt-64k-modules-core)
Requires: (kernel-debug-modules-extra if kernel-debug-modules-core)
Requires: (kernel-rt-debug-modules-extra if kernel-rt-debug-modules-core)
Requires: (kernel-64k-debug-modules-extra if kernel-64k-debug-modules-core)
Requires: (kernel-rt-64k-debug-modules-extra if kernel-rt-64k-debug-modules-core)
%description
IP sets are a framework inside the Linux kernel since version 2.4.x, which can
@ -61,7 +77,7 @@ libraries.
Summary: %{name} service for %{name}s
Requires: %{name} = %{version}-%{release}
BuildRequires: systemd
Requires: iptables-services
Requires: iptables-nft-services
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
@ -107,9 +123,16 @@ install -c -m 755 %{SOURCE2} %{buildroot}%{_libexecdir}/%{name}
install -d -m 755 %{buildroot}%{_sysconfdir}/sysconfig
install -c -m 600 %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/%{name}-config
# install legacy actions for service command
install -d %{buildroot}/%{legacy_actions}/ipset
install -c -m 755 %{SOURCE4} %{buildroot}/%{legacy_actions}/ipset/save
# Create directory for configuration
mkdir -p %{buildroot}%{_sysconfdir}/%{name}
# Turn absolute symlink into a relative one
ln -sf %{name} %{buildroot}/%{_sbindir}/%{name}-translate
%preun
if [[ $1 -eq 0 && -n $(lsmod | grep "^xt_set ") ]]; then
@ -170,11 +193,44 @@ fi
%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/sysconfig/ipset-config
%ghost %config(noreplace) %attr(0600,root,root) %{_sysconfdir}/sysconfig/ipset
%attr(0755,root,root) %{_libexecdir}/%{name}/%{name}.start-stop
%dir %{legacy_actions}/ipset
%{legacy_actions}/ipset/save
%changelog
* Wed Sep 11 2024 Phil Sutter <psutter@redhat.com> - 7.21-3
- lib: ipset: Avoid 'argv' array overstepping
* Fri Jan 16 2026 Phil Sutter <psutter@redhat.com> - 7.22-10
- Use modules-core for conditional modules-extra dependency
* Thu Nov 27 2025 Phil Sutter <psutter@redhat.com> - 7.22-9
- Do not require kernel-modules-extra-matched meta package
* Tue Apr 22 2025 Phil Sutter <psutter@redhat.com> - 7.22-8
- Require new kernel-modules-extra-matched meta package
* Mon Mar 17 2025 Eric Garver <egarver@redhat.com> - 7.22-7
- fix kernel-modules-extra dependency for aarch64 64k variant [RHEL-83582]
* Fri Nov 08 2024 Phil Sutter <psutter@redhat.com> - 7.22-6
- Bump for sidetag build
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 7.22-5
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
* Thu Oct 10 2024 Phil Sutter <psutter@redhat.com> - 7.22-4
- Add legacy actions for service save support
- ipset-services to depend on iptables-nft-services
- Require kernel-modules-extra
* Tue Sep 10 2024 Phil Sutter <psutter@redhat.com> - 7.22-3
- Bump release to trigger CI
* Thu Aug 29 2024 Phil Sutter <psutter@redhat.com> - 7.22-2
- Bump release to trigger CI
* Thu Aug 01 2024 Phil Sutter <psutter@redhat.com> - 7.22-1
- Turn absolute ipset-translate symlink into a relative one
- Rebase onto 7.22 plus fixes
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 7.21-2
- Bump release for June 2024 mass rebuild

2
sources
View File

@ -1 +1 @@
SHA512 (ipset-7.21.tar.bz2) = 175c6516c2091c57738a0324678d8d016e4d7f18fa03cb0dcc502391cac4caf4db1e757f61ad2fe312c1dbe431ec9cfabbc8e15a64a94ebd2fa903155b27c88f
SHA512 (ipset-7.22.tar.bz2) = e375a9110eb7974480147c57eb2cff4bdd03c7704cdae006a3d254cc80fada587aa8aee25a86f7cab29db83f5e283c5f9a47a314297317660ebba5097f623d79