From 62b5948287cae6408b69946e5b650ecb0b7c81df Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Fri, 18 Mar 2005 16:40:36 +0000 Subject: [PATCH] [tw] - Remove unnecessary explicit kernel dep (#146142) - Fixed out of bounds accesses (#131848): Thanks to Steve Grubb for the patch - Adapted iptables-config to reference to modprobe.conf (#150143) - Remove misleading message (#140154): Thanks to Ulrich Drepper for the patch --- iptables-1.3.0-no_root.patch | 11 +++++++++++ iptables-config | 2 +- iptables.spec | 16 +++++++++++++--- 3 files changed, 25 insertions(+), 4 deletions(-) create mode 100644 iptables-1.3.0-no_root.patch diff --git a/iptables-1.3.0-no_root.patch b/iptables-1.3.0-no_root.patch new file mode 100644 index 0000000..4b5ce85 --- /dev/null +++ b/iptables-1.3.0-no_root.patch @@ -0,0 +1,11 @@ +--- iptables-1.3.0/iptables.c.no_root 2005-03-18 17:29:57.109501987 +0100 ++++ iptables-1.3.0/iptables.c 2005-03-18 17:29:58.321405982 +0100 +@@ -2300,7 +2300,7 @@ + *handle = iptc_init(*table); + + if (!*handle) +- exit_error(VERSION_PROBLEM, ++ exit_error(errno == EPERM ? OTHER_PROBLEM : VERSION_PROBLEM, + "can't initialize iptables table `%s': %s", + *table, iptc_strerror(errno)); + diff --git a/iptables-config b/iptables-config index 4f1fd28..52c4e89 100644 --- a/iptables-config +++ b/iptables-config @@ -2,7 +2,7 @@ # Default: -none- # Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which # are loaded after the firewall rules are applied. Options for the helpers are -# stored in /etc/modules.conf. +# stored in /etc/modprobe.conf. IPTABLES_MODULES="" # Unload modules on restart and stop diff --git a/iptables.spec b/iptables.spec index dcade90..83952b2 100644 --- a/iptables.spec +++ b/iptables.spec @@ -4,7 +4,7 @@ Name: iptables Summary: Tools for managing Linux kernel packet filtering capabilities. Version: 1.3.0 -Release: 1 +Release: 2 Source: http://www.netfilter.org/%{name}-%{version}.tar.bz2 Source1: iptables.init Source2: iptables-config @@ -15,14 +15,15 @@ Patch2: iptables-1.2.8-nolibnsl.patch Patch4: iptables-1.2.9-netlink.patch Patch5: iptables-1.3.0-selinux.patch Patch6: iptables-1.2.10-counters.patch -Patch8: iptables-1.2.11-cleanup.patch +Patch8: iptables-1.3.0-cleanup.patch Patch9: iptables-1.3.0-autoload.patch +Patch10: iptables-1.3.0-no_root.patch Group: System Environment/Base URL: http://www.netfilter.org/ BuildRoot: %{_tmppath}/%{name}-buildroot License: GPL BuildPrereq: /usr/bin/perl -Requires: kernel >= 2.4.20 +Conflicts: kernel < 2.4.20 Requires(post,postun): chkconfig Prefix: %{_prefix} @@ -74,6 +75,7 @@ cd .. %patch6 -p1 -b .counters %patch8 -p1 -b .cleanup %patch9 -p1 -b .autoload +%patch10 -p1 -b .no_root # Put it to a reasonable place find . -type f -exec perl -pi -e "s,/usr/local,%{prefix},g" {} \; @@ -148,6 +150,14 @@ fi %endif %changelog +* Fri Mar 18 2005 Thomas Woerner 1.3.0-2 +- Remove unnecessary explicit kernel dep (#146142) +- Fixed out of bounds accesses (#131848): Thanks to Steve Grubb + for the patch +- Adapted iptables-config to reference to modprobe.conf (#150143) +- Remove misleading message (#140154): Thanks to Ulrich Drepper + for the patch + * Mon Feb 21 2005 Thomas Woerner 1.3.0-1 - new version 1.3.0