From 23919676ed89768f1d9f29a1eb1164350f4ca5d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= <m...@redhat.com> Date: Mon, 9 Nov 2015 17:41:27 +0100 Subject: Update to IPTables-Parse-1.6
--- .gitignore | 2 ++ IPTables-Parse-1.5-predictable-tmp.patch | 48 -------------------------------- perl-IPTables-Parse.spec | 10 +++---- sources | 4 +-- 4 files changed, 9 insertions(+), 55 deletions(-) delete mode 100644 IPTables-Parse-1.5-predictable-tmp.patch diff --git a/.gitignore b/.gitignore index 9adbf2f..668b4e2 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,5 @@ IPTables-Parse-0.7.tar.bz2.asc /IPTables-Parse-1.4.tar.bz2.asc /IPTables-Parse-1.5.tar.bz2 /IPTables-Parse-1.5.tar.bz2.asc +/IPTables-Parse-1.6.tar.bz2 +/IPTables-Parse-1.6.tar.bz2.asc diff --git a/IPTables-Parse-1.5-predictable-tmp.patch b/IPTables-Parse-1.5-predictable-tmp.patch deleted file mode 100644 index 7e2d9de..0000000 --- a/IPTables-Parse-1.5-predictable-tmp.patch +++ /dev/null @@ -1,48 +0,0 @@ -From b400b976d81140f6971132e94eb7657b5b0a2b87 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= <m...@redhat.com> -Date: Tue, 29 Sep 2015 19:09:43 +0200 -Subject: [PATCH] Don't use predictable names for temporary files - -This allows an attacker on a multi-user system to set up symlinks to -overwrite any file the current user has write access to. - -Don't recommend users of this module to use predictable names either. ---- - lib/IPTables/Parse.pm | 7 +++---- - 1 file changed, 3 insertions(+), 4 deletions(-) - -diff --git a/lib/IPTables/Parse.pm b/lib/IPTables/Parse.pm -index 7c27b8b..cbd2042 100644 ---- a/lib/IPTables/Parse.pm -+++ b/lib/IPTables/Parse.pm -@@ -17,6 +17,7 @@ package IPTables::Parse; - use 5.006; - use POSIX ":sys_wait_h"; - use Carp; -+use File::Temp; - use strict; - use warnings; - use vars qw($VERSION); -@@ -36,8 +37,8 @@ sub new() { - _firewall_cmd => $args{'firewall-cmd'} || '', - _fwd_args => $args{'fwd_args'} || '--direct --passthrough ipv4', - _ipv6 => $args{'use_ipv6'} || 0, -- _iptout => $args{'iptout'} || '/tmp/ipt.out' . $$, -- _ipterr => $args{'ipterr'} || '/tmp/ipt.err' . $$, -+ _iptout => $args{'iptout'} || mktemp('/tmp/ipt.out.XXXXXX'), -+ _ipterr => $args{'ipterr'} || mktemp('/tmp/ipt.err.XXXXXX'), - _ipt_alarm => $args{'ipt_alarm'} || 30, - _debug => $args{'debug'} || 0, - _verbose => $args{'verbose'} || 0, -@@ -980,8 +981,6 @@ IPTables::Parse - Perl extension for parsing iptables and ip6tables policies - 'use_ipv6' => 0, # can set to 1 to force ip6tables usage - 'ipt_rules_file' => '', # optional file path from - # which to read iptables rules -- 'iptout' => '/tmp/iptables.out', -- 'ipterr' => '/tmp/iptables.err', - 'debug' => 0, - 'verbose' => 0 - ); --- -2.4.3 - diff --git a/perl-IPTables-Parse.spec b/perl-IPTables-Parse.spec index 036871e..554dbd5 100644 --- a/perl-IPTables-Parse.spec +++ b/perl-IPTables-Parse.spec @@ -1,14 +1,12 @@ Name: perl-IPTables-Parse -Version: 1.5 -Release: 2%{?dist} +Version: 1.6 +Release: 1%{?dist} Summary: Perl extension for parsing iptables firewall rulesets License: Artistic 2.0 Group: Development/Libraries URL: http://www.cipherdyne.org/modules/ Source0: http://www.cipherdyne.org/modules/IPTables-Parse-%{version}.tar.bz2 Source1: http://www.cipherdyne.org/modules/IPTables-Parse-%{version}.tar.bz2.asc -# https://github.com/mrash/IPTables-Parse/pull/6 -Patch0: IPTables-Parse-1.5-predictable-tmp.patch BuildArch: noarch BuildRequires: perl(ExtUtils::MakeMaker), perl(Test) Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) @@ -23,7 +21,6 @@ rules exist. %prep %setup -q -n IPTables-Parse-%{version} -%patch0 -p1 %build %{__perl} Makefile.PL INSTALLDIRS=vendor @@ -50,6 +47,9 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man3/* %changelog +* Mon Nov 9 2015 Miloslav Trmač <m...@redhat.com> - 1.6-1 +- Update to IPTables-Parse-1.6 + * Wed Oct 14 2015 Miloslav Trmač <m...@redhat.com> - 1.5-2 - Add Requires: perl(Test) needed with perl-4:5.22.0-352.fc24 diff --git a/sources b/sources index d3484c9..5d738e7 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -4eeb5b8387b9f21ec0ca0be961f30434 IPTables-Parse-1.5.tar.bz2 -239d59bad0ba736ac7df61a88b9bfef6 IPTables-Parse-1.5.tar.bz2.asc +1bab1e81bbb9455f4bcbf4e5be4bef60 IPTables-Parse-1.6.tar.bz2 +f03997bfca8a2d51c617ef9ed051846c IPTables-Parse-1.6.tar.bz2.asc -- cgit v0.11.2 http://pkgs.fedoraproject.org/cgit/perl-IPTables-Parse.git/commit/?h=master&id=23919676ed89768f1d9f29a1eb1164350f4ca5d8 -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel