Fedora 20 Update: firewalld-0.3.10-1.fc20
updates at fedoraproject.org
updates at fedoraproject.org
Thu Jun 19 22:59:07 UTC 2014
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-6834
2014-05-29 22:40:16
--------------------------------------------------------------------------------
Name : firewalld
Product : Fedora 20
Version : 0.3.10
Release : 1.fc20
URL : http://fedorahosted.org/firewalld
Summary : A firewall daemon with D-Bus interface providing a dynamic firewall
Description :
firewalld is a firewall service daemon that provides a dynamic customizable
firewall with a D-Bus interface.
--------------------------------------------------------------------------------
Update Information:
New upstream release, which fixes bugs and adds new services.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 28 2014 Jiri Popelka <jpopelka at redhat.com> - 0.3.10-1
- new services: freeipa-*, puppermaster, amanda-k5, synergy,
xmpp-*, tor, privoxy, sane
- do not use at_console in D-Bus policies (RHBZ#1094745)
- apply all rich rules for non-default targets
- AppData file (RHBZ#1094754)
- separate Polkit actions for desktop & server (RHBZ#1091068)
- sanitize missing ip6t_rpfilter (RHBZ#1074427)
- firewall/core/io/*: few improvements (RHBZ#1065738)
- no load failed error for absent direct.xml file
- new DBUS_INTERFACE.getZoneSettings to get all run-time zone settings
- fixed creation and deletion of zones, services and icmptypes over D-Bus signals
- FirewallClientZoneSettings: Set proper default target
- if Python2 then encode strings from sax parser (RHBZ#1059104, RHBZ#1058853)
- firewall-cmd:
- don't colour output of query commands (RHBZ#1097841)
- use "default" instead of {chain}_{zone} (RHBZ#1075675)
- New --get-target and --set-target
- Create and remove permanent zones, services and icmptypes
- firewall-config:
- Adding services and icmptypes resulted in duplicates in UI
- Use left button menu of -applet in Option menu
- firewall-offline-cmd: same functionality as 'firewall-cmd --permanent'
- firewall-applet: ZoneConnectionEditor was missing the Default Zone entry
- bash-completion: getting zones/services/icmps is different with/without --permanent
- firewalld.zone(5): removed superfluous slash (RHBZ#1091575)
- updated translations
* Wed Feb 5 2014 Jiri Popelka <jpopelka at redhat.com> - 0.3.9.3-1
- Fixed persistent port forwarding (RHBZ#1056154)
- Stop default zone rules being applied to all zones (RHBZ#1057875)
- Enforce trust, block and drop zones in the filter table only (RHBZ#1055190)
- Allow RAs prior to applying IPv6_rpfilter (RHBZ#1058505)
- Fix writing of rule.audit in zone_writer()
* Fri Jan 17 2014 Jiri Popelka <jpopelka at redhat.com> - 0.3.9.2-1
- fix regression introduced in 0.3.9 (RHBZ#1053932)
* Thu Jan 16 2014 Jiri Popelka <jpopelka at redhat.com> - 0.3.9.1-1
- fix regressions introduced in 0.3.9 (RHBZ#1054068, RHBZ#1054120)
* Mon Jan 13 2014 Jiri Popelka <jpopelka at redhat.com> - 0.3.9-1
- translation updates
- New IPv6_rpfilter setting to enable source address validation (RHBZ#847707)
- Do not mix original and customized zones in case of target changes,
apply only used zones
- firewall-cmd: fix --*_lockdown_whitelist_uid to work with uid 0
- Don't show main window maximized. (RHBZ#1046811)
- Use rmmod instead of 'modprobe -r' (RHBZ#1031102)
- Deprecate 'enabled' attribute of 'masquerade' element
- firewall-config: new zone was added twice to the list
- firewalld.dbus(5)
- Enable python shebang fix again
- firewall/client: handle_exceptions: Use loop in decorator
- firewall-offline-cmd: Do not mask firewalld service with disabled option
- firewall-config: richRuleDialogActionRejectType Entry -> ComboBox
- Rich_Rule: fix parsing of reject element (RHBZ#1027373)
- Show combined zones in permanent configuration (RHBZ#1002016)
- firewall-cmd(1): document exit code 2 and colored output (RHBZ#1028507)
- firewall-config: fix RHBZ#1028853
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #998801 - RFE: Add XMPP-local-messaging service entry
https://bugzilla.redhat.com/show_bug.cgi?id=998801
[ 2 ] Bug #1001193 - Puppet server missing firewalld configuration
https://bugzilla.redhat.com/show_bug.cgi?id=1001193
[ 3 ] Bug #1056840 - [RFE] support synergy service
https://bugzilla.redhat.com/show_bug.cgi?id=1056840
[ 4 ] Bug #1059104 - [abrt] firewall-config: firewall-config:1450:_add_rich_rule:UnicodeDecodeError: 'ascii' codec can't decode byte 0xd0 in position 0: ordinal not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1059104
[ 5 ] Bug #1061833 - Inconsistent PolicyKit domain usage for D-Bus methods
https://bugzilla.redhat.com/show_bug.cgi?id=1061833
[ 6 ] Bug #1065738 - firewalld.direct can not handle complex iptables args
https://bugzilla.redhat.com/show_bug.cgi?id=1065738
[ 7 ] Bug #1074427 - yum update of firewalld to 0.3.9.3-1 renders host unreachable
https://bugzilla.redhat.com/show_bug.cgi?id=1074427
[ 8 ] Bug #1077999 - Service file for k5amanda service
https://bugzilla.redhat.com/show_bug.cgi?id=1077999
[ 9 ] Bug #1091068 - overprotected api
https://bugzilla.redhat.com/show_bug.cgi?id=1091068
[ 10 ] Bug #1091575 - typos in man firewalld.zone(5) structure for rule tag
https://bugzilla.redhat.com/show_bug.cgi?id=1091575
[ 11 ] Bug #1094754 - Please ship an AppData file upstream
https://bugzilla.redhat.com/show_bug.cgi?id=1094754
[ 12 ] Bug #1096209 - Rich PORT/PROTOCOL rules not applied in zones with non-default targets
https://bugzilla.redhat.com/show_bug.cgi?id=1096209
[ 13 ] Bug #1094745 - at_console in dbus policy makes firewalld hard to use on servers
https://bugzilla.redhat.com/show_bug.cgi?id=1094745
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update firewalld' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list