Update to 1.8.7. Fixes rhbz#1916948

.gitignore

@@ -5,3 +5,4 @@
 /iptables-1.8.4.tar.bz2
 /iptables-1.8.5.tar.bz2
 /iptables-1.8.6.tar.bz2
+/iptables-1.8.7.tar.bz2

0001-ebtables-Fix-for-broken-chain-renaming.patch

@@ -1,60 +0,0 @@
-From 55b7c71dce7144f4dc0297c17abf0f04879ee247 Mon Sep 17 00:00:00 2001
-From: Phil Sutter <phil@nwl.cc>
-Date: Tue, 17 Nov 2020 11:38:27 +0100
-Subject: [iptables PATCH] ebtables: Fix for broken chain renaming
-
-Loading extensions pollutes 'errno' value, hence before using it to
-indicate failure it should be sanitized. This was done by the called
-function before the parsing/netlink split and not migrated by accident.
-Move it into calling code to clarify the connection.
-
-Fixes: a7f1e208cdf9c ("nft: split parsing from netlink commands")
-Signed-off-by: Phil Sutter <phil@nwl.cc>
----
- iptables/nft.c                                                | 3 ---
- iptables/tests/shell/testcases/ebtables/0001-ebtables-basic_0 | 4 ++++
- iptables/xtables-eb.c                                         | 1 +
- 3 files changed, 5 insertions(+), 3 deletions(-)
-
-diff --git a/iptables/nft.c b/iptables/nft.c
-index 39882a443a974..411e2597205c9 100644
---- a/iptables/nft.c
-+++ b/iptables/nft.c
-@@ -1896,9 +1896,6 @@ int nft_chain_user_rename(struct nft_handle *h,const char *chain,
- 		return 0;
- 	}
- 
--	/* Config load changed errno. Ensure genuine info for our callers. */
--	errno = 0;
--
- 	/* Find the old chain to be renamed */
- 	c = nft_chain_find(h, table, chain);
- 	if (c == NULL) {
-diff --git a/iptables/tests/shell/testcases/ebtables/0001-ebtables-basic_0 b/iptables/tests/shell/testcases/ebtables/0001-ebtables-basic_0
-index 0c1eb4ca66f52..6f11bd12593dd 100755
---- a/iptables/tests/shell/testcases/ebtables/0001-ebtables-basic_0
-+++ b/iptables/tests/shell/testcases/ebtables/0001-ebtables-basic_0
-@@ -86,4 +86,8 @@ if [ $? -eq 0 ]; then
- 	exit 1
- fi
- 
-+$XT_MULTI ebtables -t filter -E FOO BAZ || exit 1
-+$XT_MULTI ebtables -t filter -L | grep -q FOO && exit 1
-+$XT_MULTI ebtables -t filter -L | grep -q BAZ || exit 1
-+
- $XT_MULTI ebtables -t $t -F || exit 0
-diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
-index 6641a21a72d32..5e4184b8e80de 100644
---- a/iptables/xtables-eb.c
-+++ b/iptables/xtables-eb.c
-@@ -853,6 +853,7 @@ int do_commandeb(struct nft_handle *h, int argc, char *argv[], char **table,
- 				else if (strchr(argv[optind], ' ') != NULL)
- 					xtables_error(PARAMETER_PROBLEM, "Use of ' ' not allowed in chain names");
- 
-+				errno = 0;
- 				ret = nft_cmd_chain_user_rename(h, chain, *table,
- 							    argv[optind]);
- 				if (ret != 0 && errno == ENOENT)
--- 
-2.28.0
-

iptables.spec

@@ -18,8 +18,8 @@
 Name: iptables
 Summary: Tools for managing Linux kernel packet filtering capabilities
 URL: http://www.netfilter.org/projects/iptables
-Version: 1.8.6
+Version: 1.8.7
-Release: 5%{?dist}
+Release: 1%{?dist}
 Source: %{url}/files/%{name}-%{version}.tar.bz2
 Source1: iptables.init
 Source2: iptables-config
@@ -32,8 +32,6 @@ Source7: %{url}/files/%{name}-%{version_old}.tar.bz2
 Source8: 0002-extensions-format-security-fixes-in-libip-6-t_icmp.patch
 %endif
 
-Patch1: 0001-ebtables-Fix-for-broken-chain-renaming.patch
-
 # pf.os: ISC license
 # iptables-apply: Artistic Licence 2.0
 License: GPLv2 and Artistic Licence 2.0 and ISC
@@ -445,6 +443,9 @@ fi
 
 
 %changelog
+* Sat Jan 16 2021 Kevin Fenzi <kevin@scrye.com> - 1.8.7-1
+- Update to 1.8.7. Fixes rhbz#1916948
+
 * Thu Nov 19 17:32:24 CET 2020 Tom Stellard <tstellar@redhat.com> - 1.8.6-5
 - Use make macros
 

sources

@@ -1 +1 @@
-SHA512 (iptables-1.8.6.tar.bz2) = d06e4cddb69822c4618664a35877fc5811992936cade2040bb0e4eb25a4d879eadc7c84401c40fb39ffac7888568505adcb1cfe995cd166a15c702237daf6acf
+SHA512 (iptables-1.8.7.tar.bz2) = c0a33fafbf1139157a9f52860938ebedc282a1394a68dcbd58981159379eb525919f999b25925f2cb4d6b18089bd99a94b00b3e73cff5cb0a0e47bdff174ed75