openSUSE Recommended Update: Recommended update for firewalld and susefirewall2-to-firewalld ______________________________________________________________________________ Announcement ID: openSUSE-RU-2018:2711-1 Rating: moderate References: #1096542 #1098986 #1099698 #1105157 #1105170 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update for firewalld and susefirewall2-to-firewalld fixes the following issues: firewalld: - Drop global read permissions from the log file (bsc#1098986) - Add missing ipv6-icmp protocol to UI drop-down list (bsc#1099698) - Fix some untranslated strings in the creation of rich rules and firewall-config. (bsc#1096542) - fw: If failure occurs during startup set state to FAILED. - fw_direct: Avoid log for untracked passthrough queries. - Rich Rule Masquerade inverted source-destination in Forward Chain. - Don't forward interface to zone requests to NM for generated interfaces. - firewall-cmd, firewall-offline-cmd: Add --check-config option. - ipset: Check type when parsing ipset definition. - firewall-config: Add ipv6-icmp to the protocol dropdown box. - core/logger: Remove world-readable bit from logfile. - IPv6 rpfilter: Explicitly allow neighbor solicitation. susefirewall2-to-firewalld: - Do not try to handle unknown iptables chains. - Handle source whitelisting. (bsc#1105157) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2018-999=1 Package List: - openSUSE Leap 15.0 (noarch): firewall-applet-0.5.4-lp150.2.6.1 firewall-config-0.5.4-lp150.2.6.1 firewall-macros-0.5.4-lp150.2.6.1 firewalld-0.5.4-lp150.2.6.1 firewalld-lang-0.5.4-lp150.2.6.1 python3-firewall-0.5.4-lp150.2.6.1 susefirewall2-to-firewalld-0.0.3-lp150.2.3.1 References: https://bugzilla.suse.com/1096542 https://bugzilla.suse.com/1098986 https://bugzilla.suse.com/1099698 https://bugzilla.suse.com/1105157 https://bugzilla.suse.com/1105170