Fedora 21 Update: firewalld-0.3.14.2-2.fc21

Tue Jun 30 20:15:15 UTC 2015

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-10356
2015-06-20 13:46:41
--------------------------------------------------------------------------------

Name        : firewalld
Product     : Fedora 21
Version     : 0.3.14.2
Release     : 2.fc21
URL         : http://www.firewalld.org
Summary     : A firewall daemon with D-Bus interface providing a dynamic firewall
Description :
firewalld is a firewall service daemon that provides a dynamic customizable
firewall with a D-Bus interface.

--------------------------------------------------------------------------------
Update Information:

- reunification of the firewalld spec files for all Fedora releases
- fix dependencies for -applet and -config: use_python3 is the proper switch
  not with_python3 (RHBZ#1232493)
- firewalld.spec:
  - fixed requirements for -applet and -config
- man pages:
  - adapted firewall-applet man page to new version
- firewall-applet:
  - Only honour active connections for zone changes
  - Change QSettings path and file names
- firewall-config:
  - Only honour active connections for zone changes in the “Change Zones of Connections” menu
- Translations:
  - updated translations
  - marked translations for “Connections” for review

- Fix issue with missing polkit policy when installing firewalld on
  Cloud Edition.

- firewall-applet
  - do not use isSystemTrayAvailable check to fix KDE5 startup
  - dropped gtk applet remain: org.fedoraproject.FirewallApplet.gschema.xml

- renamed python2-firewall to python-firewall
- fixed requirements for GUI parts with Python3
- dropped upstream merged python3 patch
- firewalld:
  - print real zone names in error messages
  - iptables 1.4.21 does not accept limits of 1/day, minimum is 2/day now
  - rate limit fix for rich rules
  - fix readdition of removed permanent direct settings
  - adaption of the polkit domains to use PK_ACTION_DIRECT_INFO
  - fixed two minor Python3 issues in firewall.core.io.direct
  - fixed use of fallback configuration values
  - fixed use without firewalld.conf
  - firewalld main restructureization
  - IPv6_rpfilter now also available as a property on D-Bus in the config interface
  - fixed wait option use for ipXtables
  - added --concurrent support for ebtables
  - richLanguage: allow masquerading with destination
  - richLanguage: limit masquerading forward rule to new connections
  - ipXtables: No dns lookups in available_tables and _detect_wait_option
  - full ebtables support: start, stop, reload, panic mode, direct chains and rules
  - fix for reload with direct rules
  - fix or flaws found by landscape.io
  - pid file handling fixes in case of pid file removal
  - fix for client issue in case of a dbus NoReply error
- configuration
  - new services: dropbox-lansync, ptp
  - new icmptypes: timestamp-request, timestamp-reply
- man pages:
  - firewalld.zones(5): fixed typos
  - firewalld.conf(5): Fixed wrong reference to firewalld.lockdown-whitelist page
- firewall-applet:
  - new version using Qt4 fixing several issues with the Gtk version
- spec file:
  - enabled Python3 support: new backends python-firewall and python3-firewall
  - some cleanup
- git:
  - migrated to github
- translations:
  - migrated to zanata
- build environment:
  - no need for autoconf-2.69, 2.68 is sufficient

--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 18 2015 Thomas Woerner <twoerner at redhat.com> - 0.3.14.2-2
- Fixed 'pid_file' referenced before assignment (RHBZ#1233232)
* Wed Jun 17 2015 Thomas Woerner <twoerner at redhat.com> - 0.3.14.2-1
- reunification of the firewalld spec files for all Fedora releases
- fix dependencies for -applet and -config: use_python3 is the proper switch
  not with_python3 (RHBZ#1232493)
- firewalld.spec:
  - fixed requirements for -applet and -config
- man pages:
  - adapted firewall-applet man page to new version
- firewall-applet:
  - Only honour active connections for zone changes
  - Change QSettings path and file names
- firewall-config:
  - Only honour active connections for zone changes in the “Change Zones of Connections” menu
- Translations:
  - updated translations
  - marked translations for “Connections” for review
* Tue Jun 16 2015 Stephen Gallagher <sgallagh at redhat.com> 0.3.14.1-2
- Fix issue with missing polkit policy when installing firewalld on
  Cloud Edition.
* Fri Jun 12 2015 Thomas Woerner <twoerner at redhat.com> - 0.3.14.1-1
- firewall-applet
  - do not use isSystemTrayAvailable check to fix KDE5 startup
  - dropped gtk applet remain: org.fedoraproject.FirewallApplet.gschema.xml
* Fri Jun 12 2015 Thomas Woerner <twoerner at redhat.com> - 0.3.14-1
- renamed python2-firewall to python-firewall
- fixed requirements for GUI parts with Python3
- dropped upstream merged python3 patch
- firewalld:
  - print real zone names in error messages
  - iptables 1.4.21 does not accept limits of 1/day, minimum is 2/day now
  - rate limit fix for rich rules
  - fix readdition of removed permanent direct settings
  - adaption of the polkit domains to use PK_ACTION_DIRECT_INFO
  - fixed two minor Python3 issues in firewall.core.io.direct
  - fixed use of fallback configuration values
  - fixed use without firewalld.conf
  - firewalld main restructureization
  - IPv6_rpfilter now also available as a property on D-Bus in the config interface
  - fixed wait option use for ipXtables
  - added --concurrent support for ebtables
  - richLanguage: allow masquerading with destination
  - richLanguage: limit masquerading forward rule to new connections
  - ipXtables: No dns lookups in available_tables and _detect_wait_option
  - full ebtables support: start, stop, reload, panic mode, direct chains and rules
  - fix for reload with direct rules
  - fix or flaws found by landscape.io
  - pid file handling fixes in case of pid file removal
  - fix for client issue in case of a dbus NoReply error
- configuration
  - new services: dropbox-lansync, ptp
  - new icmptypes: timestamp-request, timestamp-reply
- man pages:
  - firewalld.zones(5): fixed typos
  - firewalld.conf(5): Fixed wrong reference to firewalld.lockdown-whitelist page
- firewall-applet:
  - new version using Qt4 fixing several issues with the Gtk version
- spec file:
  - enabled Python3 support: new backends python-firewall and python3-firewall
  - some cleanup
- git:
  - migrated to github
- translations:
  - migrated to zanata
- build environment:
  - no need for autoconf-2.69, 2.68 is sufficient
* Thu May  7 2015 Stephen Gallagher <sgallagh at redhat.com> 0.3.13-7
- Use VARIANT_ID instead of VARIANT for making decisions
* Thu Apr 16 2015 Stephen Gallagher <sgallagh at redhat.com> 0.3.13-6
- Switch to using $VARIANT directly from /etc/os-release
* Fri Mar 13 2015 Stephen Gallagher <sgallagh at redhat.com> 0.3.13-5
- Fix bugs with posttrans
- Remove nonexistent fedora-cloud.conf symlink
* Fri Mar 13 2015 Stephen Gallagher <sgallagh at redhat.com> 0.3.13-4
- Remove per-edition config files
- Decide on default configuration based on /etc/os-release
* Mon Feb 23 2015 Jiri Popelka <jpopelka at redhat.com> - 0.3.13-3
- use python3 bindings on fedora >=23
* Wed Jan 28 2015 Thomas Woerner <twoerner at redhat.com> - 0.3.13-2
- enable python2 and python3 bindings for fedora >= 20 and rhel >= 7
- use python3 bindings on fedora >= 22 and rhel >= 8 for firewalld,
  firewall-config and firewall-applet
* Thu Dec  4 2014 Jiri Popelka <jpopelka at redhat.com> - 0.3.13-1
- firewalld:
  - ipXtables: use -w or -w2 if supported (RHBZ#1161745, RHBZ#1151067)
  - DROP INVALID packets (RHBZ#1169837)
  - don't use ipv6header for protocol matching. (RHBZ#1065565)
  - removeAllPassthroughs(): remove passthroughs in reverse order (RHBZ#1167100)
  - fix config.service.removeDestination() (RHBZ#1164584)
- firewall-config:
  - portProtoDialog: other protocol excludes port number/range
  - better fix for updating zoneStore also in update_active_zones()
  - fix typo in menu
- configuration:
  - new services: tinc, vdsm, mosh, iscsi-target, rsyncd
  - ship and install XML Schema files. (#8)
- man pages:
  - firewalld.dbus, firewalld.direct, firewalld, firewall-cmd
- spec file:
  - filesystem subpackage
  - make dirs&files in /usr/lib/ world-readable (RHBZ#915988)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1082240 - No firewalld-applet icon on Gnome 3.12
        https://bugzilla.redhat.com/show_bug.cgi?id=1082240
  [ 2 ] Bug #1176416 - [abrt] firewall-config: connection.py:651:call_blocking:DBusException: org.freedesktop.DBus.Error.AccessDenied: Rejected send message, 8 matched rules; type="method_call", sender=":1.3269" (uid=1000 pid=16230 comm="/usr/bin/python -Es /usr/bin/firewall...
        https://bugzilla.redhat.com/show_bug.cgi?id=1176416
  [ 3 ] Bug #1176959 - [abrt] firewall-config: firewall-config:4330:load_direct:AttributeError: 'NoneType' object has no attribute 'getAllChains'
        https://bugzilla.redhat.com/show_bug.cgi?id=1176959
  [ 4 ] Bug #1190520 - [abrt] firewall-config: connection.py:651:call_blocking:DBusException: org.freedesktop.NetworkManager.Settings.PermissionDenied: uid 1100 has no permission to perform this operation
        https://bugzilla.redhat.com/show_bug.cgi?id=1190520
  [ 5 ] Bug #1230863 - [abrt] firewall-config: firewall-config:4050:load_icmps:TypeError: 'NoneType' object is not iterable
        https://bugzilla.redhat.com/show_bug.cgi?id=1230863
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update firewalld' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------