Almost the same patch as jbicha's, except with an additional line added to handle direct.removePassthrough as seth-arnold requested. ipset.setEntries does not appear to exist in this version.
** Patch added: "firewalld_0.4.0-2.debdiff" https://bugs.launchpad.net/ubuntu/xenial/+source/firewalld/+bug/1617617/+attachment/4995813/+files/firewalld_0.4.0-2.debdiff ** Changed in: firewalld (Ubuntu Xenial) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1617617 Title: Firewall configuration can be modified by any logged in user Status in firewalld package in Ubuntu: Fix Released Status in firewalld source package in Xenial: Fix Released Status in firewalld package in Debian: Fix Released Bug description: Copying from the Debian bug: --- The following vulnerability was published for firewalld. CVE-2016-5410[0]: Firewall configuration can be modified by any logged in user If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2016-5410 [1] https://bugzilla.redhat.com/show_bug.cgi?id=1360135 [2] http://seclists.org/oss-sec/2016/q3/291 [3] https://github.com/t-woerner/firewalld/commit/0371995a58ec4c777960007b7dbee93933f760cb --- This only affects firewalld >= 0.3.12 & < 0.4.3.3 (so trusty is not affected). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firewalld/+bug/1617617/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : [email protected] Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
