[Bug 783863] New: security:netfilter/shorewall: Bug with openSUSE 11.4
https://bugzilla.novell.com/show_bug.cgi?id=783863 https://bugzilla.novell.com/show_bug.cgi?id=783863#c0 Summary: security:netfilter/shorewall: Bug with openSUSE 11.4 Classification: openSUSE Product: openSUSE.org Version: unspecified Platform: Other OS/Version: Other Status: NEW Severity: Critical Priority: P5 - None Component: 3rd party software AssignedTo: toganm@dinamizm.com ReportedBy: bruno@ioda-net.ch QAContact: opensuse-communityscreening@forge.provo.novell.com Found By: --- Blocker: --- Hi Togan, 11.4 is still in use, and probably will goes Evergreen. The last shorewall package need and use ipset, but ipset is not published by default on 11.4 in obs it's state is unresolvable due to the need of kernel 2.6.39+ Having a running 11.4 and using the last shorewall (the only way to get it is using security-netfilter repo ) drive the system to a inconsistent state. Could you urgently provide the previous version for 11.4 or solve the ipset dependency ? We certainly have another trouble, if the shorewall package has ipset in its requires: then it shouldn't be able to install and then risk the whole system -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=783863 https://bugzilla.novell.com/show_bug.cgi?id=783863#c1 --- Comment #1 from Bruno Friedmann <bruno@ioda-net.ch> 2012-10-07 20:02:10 UTC --- I temporarily fix my issues by branching the package at rev 90. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=783863 https://bugzilla.novell.com/show_bug.cgi?id=783863#c2 Togan Muftuoglu <toganm@dinamizm.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |jengelh@inai.de --- Comment #2 from Togan Muftuoglu <toganm@dinamizm.com> 2012-10-07 23:03:09 UTC --- Sorry for the inconvience, yet ipset is not a package I maintain, and as far as I know ipset is not required for shorewall, but an enhancement recommendation. I can surely make it recommended or required but is it really the case, correct me if I am wrong. As for the 11.4 yes it is in use, and Evergreen will probably take over but I can't guarantee that I will be able to maintain the package for 11.4 or Evergreen version. I am adding the maintainer of ipset so he can voice his opinion regarding ipset availability for 11.4 kernels Togan -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=783863 https://bugzilla.novell.com/show_bug.cgi?id=783863#c3 Jan Engelhardt <jengelh@inai.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW CC| |jengelh@inai.de InfoProvider|jengelh@inai.de | --- Comment #3 from Jan Engelhardt <jengelh@inai.de> 2012-10-08 02:30:06 CEST --- ipset6(-nfnl) is what is available starting kernel 3.0, and which also happens to compile with 2.6.39. This is what is in security:netfilter/ipset. Earlier instances of xtables-addons (< 1.42) shipped a modified version I produced, ipset6-genl, which was compilable and ran with >= 2.6.35. The genl variant is discontinued since Apr 2012 when I felt that requiring 2.6.39+ (for use with ipset6-nfnl) is reasonable. You can go back and use an older revision, but I personally have no interest in 11.4. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=783863 https://bugzilla.novell.com/show_bug.cgi?id=783863#c4 Togan Muftuoglu <toganm@dinamizm.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX --- Comment #4 from Togan Muftuoglu <toganm@dinamizm.com> 2012-10-08 11:20:43 UTC --- Bruno, Based on Jan's input I am marking the bug as WONTFIX as there is nothing from my side to fix. Feel free to reopen -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=783863 https://bugzilla.novell.com/show_bug.cgi?id=783863#c5 --- Comment #5 from Bruno Friedmann <bruno@ioda-net.ch> 2012-10-09 13:41:26 UTC --- Hi Togan, not a real big deal. I've forked the rev 90 of shorewall here https://build.opensuse.org/package/show?package=shorewall&project=home%3Abruno_friedmann%3Abranches%3Asecurity%3Anetfilter until 11.4 disappear. It would be sufficient for my own needs (still 2 servers) and could help people who could be hit by the same trouble. Thank to you, and Jan about your excellent work on security:netfilter -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=783863 https://bugzilla.novell.com/show_bug.cgi?id=783863#c6 Togan Muftuoglu <toganm@dinamizm.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #6 from Togan Muftuoglu <toganm@dinamizm.com> 2012-10-09 13:55:48 UTC --- Thanks Closing the bug in this case -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com