Fedora 17 Update: shorewall-4.5.4-1.fc17

updates at fedoraproject.org updates at fedoraproject.org
Fri Jun 15 12:33:07 UTC 2012 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-8512
2012-05-28 00:38:26
--------------------------------------------------------------------------------

Name        : shorewall
Product     : Fedora 17
Version     : 4.5.4
Release     : 1.fc17
URL         : http://www.shorewall.net/
Summary     : An iptables front end for firewall configuration
Description :
The Shoreline Firewall, more commonly known as "Shorewall", is a
Netfilter (iptables) based firewall that can be used on a dedicated
firewall system, a multi-function gateway/ router/server or on a
standalone GNU/Linux system.

--------------------------------------------------------------------------------
Update Information:

Update to new upstream version 4.5.4. Release notes:
Update to 4.5.3:

1)  This version includes all defect repairs from Shorewall 4.5.2.1 -
    4.5.2.4.

2)  The LOCKFILE setting in shorewall.conf and shorewall6.conf had
    inadvertently become undocumented. It is now documented again.

3)  In an initial installation of Shorewall, Shorewall6, Shorewall Lite
    or Shorewall6 Lite was done under Shorewall 4.5.2, then the
    firewall would not start up at boot even though the installer
    indicated that it would. That defect has been corrected.

4)  Previously, when per-IP rate limiting was invoked, the compiler
    would use the deprecated '--ratelimit' option, even if the
    preferred '--ratelimit-upto' option was available. Now, the
    compiler uses the preferred option if it is supported by the
    installed version of iptables.

5)  Prior to this release, using a manual chain in the ACTION column of
    a macro body generated an error:

    ERROR: Invalid Action (mychain) in macro, macro.FOO (line ...)

    This now works correctly and generates a jump to the specified
    manual chain.

6)  If SHAREDIR was other than /usr/share and $CONFDIR/shorewall/init
    did not exist, then an error message similar to this is emited:

      Processing /usr/local/share/shorewall/init ...
      Usage: /etc/init.d/shorewall
                 {start|stop|refresh|restart|force-reload|status}

7)  Prevously, a line with the single word COMMENT in the tunnels file
    would generate the following error:

        ERROR: Zone must be specified

    Now, such a line correctly resets the current rule comment.

8)  In Shorewall 4.5.2, the MARK column in the tcrules file was renamed
    to ACTION but only 'mark' was accepted in the alternate
    specification format. Now both 'mark' and 'action' are accepted.

9)  The alternative method of provider balancing using the statistic
    match feature of iptables/Netfilter was missing some logic, with
    the result that it was ineffective.

10) If a logical interface name was used by itself in the SOURCE column
    of the rtrules file, the generated routing rule would contain the
    logical name rather than the physical name.


--------------------------------------------------------------------------------
ChangeLog:

* Sun May 27 2012 Jonathan G. Underwood <jonathan.underwood at gmail.com> - 4.5.4-1
- Update to 4.5.4
* Fri May 11 2012 Orion Poplawski <orion at cora.nwra.com> - 4.5.3-1
- Update to 4.5.3
* Wed May  2 2012 Orion Poplawski <orion at cora.nwra.com> - 4.5.2.4-1
- Update to 4.5.2.4
- Use BR perl(Digest::SHA)
- Drop install patch fixed upstream
- Drop setting unneeded install variables
- Use %{perl_vendorlib}
* Wed Apr 11 2012 Orion Poplawski <orion at cora.nwra.com> - 4.5.2-1
- Update to 4.5.2
- Add patch to fixup install locations
- Add BR perl(Digest::SHA1)
- Change install ordering to install shorewall-core first
- Set DESTDIR for install script
- Set SBINDIR and SYSTEMD to handle UsrMove
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #820921 - shorewall-4.5.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=820921
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update shorewall' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list