[Group.of.nepali.translators] [Bug 1617617] Re: Firewall configuration can be modified by any logged in user

This bug was fixed in the package firewalld - 0.4.0-1ubuntu0.1 --- firewalld (0.4.0-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Any logged in user could modify passthrough rules and set ipset entries (LP: #1617617) - debian/patches/CVE-2016-5410.patch:

[Group.of.nepali.translators] [Bug 1617617] Re: Firewall configuration can be modified by any logged in user

@Lucas: you marked the bug as "Fix Released", so it's not appearing on any lists. I'll set it back to Confirmed. ** Changed in: firewalld (Ubuntu Xenial) Status: Fix Released => Confirmed -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह,

[Group.of.nepali.translators] [Bug 1617617] Re: Firewall configuration can be modified by any logged in user

Almost the same patch as jbicha's, except with an additional line added to handle direct.removePassthrough as seth-arnold requested. ipset.setEntries does not appear to exist in this version. ** Patch added: "firewalld_0.4.0-2.debdiff"

[Group.of.nepali.translators] [Bug 1617617] Re: Firewall configuration can be modified by any logged in user

This bug was fixed in the package firewalld - 0.4.3.3-1 --- firewalld (0.4.3.3-1) unstable; urgency=medium * New upstream release. - Fixes CVE-2016-5410: Firewall configuration can be modified by any logged in user. (Closes: #834529) -- Michael Biebl