Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package iputils for openSUSE:Factory checked in at 2021-10-19 23:03:27 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/iputils (Old) and /work/SRC/openSUSE:Factory/.iputils.new.1890 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "iputils" Tue Oct 19 23:03:27 2021 rev:61 rq:925486 version:20210722 Changes: -------- --- /work/SRC/openSUSE:Factory/iputils/iputils.changes 2021-09-26 21:49:24.478829201 +0200 +++ /work/SRC/openSUSE:Factory/.iputils.new.1890/iputils.changes 2021-10-19 23:03:29.085263614 +0200 @@ -1,0 +2,5 @@ +Fri Oct 15 12:12:11 UTC 2021 - Johannes Segitz <jseg...@suse.com> + +- Drop ProtectClock hardening, can cause issues if other device acceess is needed + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ harden_rdisc.service.patch ++++++ --- /var/tmp/diff_new_pack.yNOD2C/_old 2021-10-19 23:03:29.629263861 +0200 +++ /var/tmp/diff_new_pack.yNOD2C/_new 2021-10-19 23:03:29.633263863 +0200 @@ -2,14 +2,13 @@ =================================================================== --- iputils-20210722.orig/systemd/rdisc.service.in +++ iputils-20210722/systemd/rdisc.service.in -@@ -20,6 +20,12 @@ ProtectKernelModules=yes +@@ -20,6 +20,11 @@ ProtectKernelModules=yes MemoryDenyWriteExecute=yes RestrictRealtime=yes RestrictNamespaces=yes +# added automatically, for details please see +# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort +ProtectHostname=true -+ProtectClock=true +ProtectKernelLogs=true +# end of automatic additions SystemCallArchitectures=native
