You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa firewalld

Sigurnosni nedostatak programskog paketa firewalld

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2016-08-19 17:06:50.388260

Name : firewalld
Product : Fedora 24
Version :
Release : 1.fc24
Summary : A firewall daemon with D-Bus interface providing a dynamic firewall
Description :
firewalld is a firewall service daemon that provides a dynamic customizable
firewall with a D-Bus interface.

Update Information:

– Fix CVE-2016-5410: Firewall configuration can be modified by any logged in
user – firewall/server/firewalld: Make getXSettings and getLogDenied CONFIG_INFO
– Update AppData configuration file. – tests/ Use new import
structure and FirewallClient classes – tests/ Use new import
structure – tests: firewalld_direct: Fix assert to check for True instead of
False – tests: firewalld_config: Fix expected value when querying the zone
target – tests: firewalld_config: Use real nf_conntrack modules –
firewalld.spec: Added comment about make call for %build – firewall-config: Use
also width_request and height_request with default size – Updated firewall-
config screenshot – firewall-cmd: Fixed typo in help output (RHBZ#1367171) –
test-suite: Ignore stderr to get default zone also for missing firewalld.conf –
firewall.core.logger: Warnings should be printed to stderr per default –
firewall.core.fw_nm: Ignore NetworkManager if NM.Client connect fails –
firewall-cmd, firewallctl: Gracefully fail if SystemBus can not be aquired –
firewall.client: Generate new DBUS_ERROR if SystemBus can not be aquired – test-
suite: Do not fail on ALREADY_ENABLED –add-destination tests –
firewall.command: ALREADY_ENABLED, NOT_ENABLED, ZONE_ALREADY_SET are warnings –
doc/xml/firewalld.dbus.xml: Removed undefined reference – doc/xml/transform- Fixed references in the document –
doc/xml/firewalld.{dbus,zone}.xml: Embed programlisting in para – doc/xml
/ Enhanced html formatting closer to the man page –
firewall: core: fw_nm: Instantiate the NM client only once –
firewall/core/io/*.py: Do not traceback on a general sax parsing issue –
firewall-offline-cmd: Fix –{add,remove}-entries-from-file – firewall-cmd: Add
missing action to fix –{add,remove}-entries-from-file – firewall.core.prog: Do
not output stderr, but return it in the error case –
Fix ifcfg file reader and writer (RHBZ#1362171) – config/
use KillMode=mixed – config/ use –
firewall-config: Add missing gettext.textdomain call to fix translations – Add
UDP to transmission-client.xml service – tests/firewall-[offline-]
Hide errors and warnings – firewall.client: Fix ALREADY_ENABLED errors in
icmptype destination calls – firewall.client: Fix NOT_ENABLED errors in icmptype
destination calls – firewall.client: Use {ALREADY,NOT}_ENABLED errors in
icmptype destination calls – firewall.command: Add the removed FirewallError
handling to the action (a17ce50) – firewall.command: Do not use query methods
for sequences and also single options – Add missing information about MAC and
ipset sources to man pages and help output – firewalld.spec: Add BuildRequires
for libxslt to enable rebuild of man pages – firewall[-offline]-cmd,
firewallctl, firewall.command: Use sys.{stdout,stderr} – firewallctl: Fix
traceback if not connected to firewalld – firewall-config: Initialize value in
on_richRuleDialogElementChooser_clicked – firewall.command: Convert errors to
string for Python3 – firewall.command: Get proper firewall error code from
D-BusExceptions – firewall-cmd: Fixed traceback without args – Add missing
service files to – shell-completion: Add shell completion support
for –{get,set}–{description,short}

[ 1 ] Bug #1358380 – firewall-cmd crashes if /run/dbus/system_bus_socket does not exist
[ 2 ] Bug #1361589 – firewall-config error when using pt-BR language
[ 3 ] Bug #1367381 – CVE-2016-5410 firewalld: Firewall configuration can be modified by any logged in user [fedora-all]
[ 4 ] Bug #1363741 – firewall-cmd ipset –add-entries-from-file regression

This update can be installed with the “yum” update program. Use
su -c ‘yum update firewalld’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorMarko Stanec
Cert idNCERT-REF-2016-08-0136-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa perl

Otkriven je sigurnosni nedostatak u programskom paketu perl za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje stjecanje povećanih korisničkih...