Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild

Resolves: rhbz#2241330 conntrack-tools-1.4.8 is available
Add new OpenPGP key that will be used for future releases, as the old/current key is revokved (but signed with the new key) Removed patches that were merged upstream
2025-07-23 18:37:23 +00:00 · 2025-07-10 16:39:10 -04:00 · 2025-01-16 14:25:39 +00:00 · 2024-07-17 19:54:41 +00:00 · 2024-01-24 07:57:25 +00:00 · 2024-01-19 16:06:01 +00:00
11 changed files with 391 additions and 4040 deletions
--- a/.gitignore
+++ b/.gitignore
@ -7,3 +7,8 @@ conntrack-tools-0.9.14.tar.bz2
 /conntrack-tools-1.4.3.tar.bz2
 /conntrack-tools-1.4.4.tar.bz2
 /conntrack-tools-1.4.5.tar.bz2
+/conntrack-tools-1.4.6.tar.bz2
+/conntrack-tools-1.4.7.tar.bz2
+/conntrack-tools-1.4.7.tar.bz2.sig
+/conntrack-tools-1.4.8.tar.xz.sig
+/conntrack-tools-1.4.8.tar.xz
--- a/NetfilterCoreTeam-OpenGPG-KEY.txt
+++ b/NetfilterCoreTeam-OpenGPG-KEY.txt
@ -0,0 +1,52 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBF+HdQgBEACzteJUJGtj3N6u5mcGh4Nu/9GQfwrrphZuI7jto2N6+ZoURded
+660mFLnax7wgIE8ugAa085jwFWbFY3FzGutUs/kDmnqy9WneYNBLIAF3ZTFfY+oi
+V1C09bBlHKDj9gSEM2TZ/qU14exKdSloqcMKSdIqLQX27w/D6WmO1crDjOKKN9F2
+zjc3uLjo1gIPrY+Kdld29aI0W4gYvNLOo+ewhVC5Q6ymWOdR3eKaP2HIAt8CYf0t
+Sx8ChHdBvXQITDmXoGPLTTiCHBoUzaJ/N8m4AZTuSUTr9g3jUNFmL48OrJjFPhHh
+KDY0V59id5nPu4RX3fa/XW+4FNlrthA5V9dQSIPh7r7uHynDtkcCHT5m4mn0NqG3
+dsUqeYQlrWKCVDTfX/WQB3Rq1tgmOssFG9kZkXcVTmis3KFP1ZAahBRB33OJgSfi
+WKc/mWLMEQcljbysbJzq74Vrjg44DNK7vhAXGoR35kjj5saduxTywdb3iZhGXEsg
+9zqV0uOIfMQsQJQCZTlkqvZibdB3xlRyiCwqlf1eHB2Vo7efWbRIizX2da4c5xUj
+IL1eSPmTV+52x1dYXpn/cSVKJAROtcSmwvMRyjuGOcTNtir0XHCxC5YYBow6tKR
+U1hrFiulCMH80HeS+u/g4SpT4lcv+x0DlN5BfWQuN5k5ZzwKb6EQs092qQARAQAB
+tCxOZXRmaWx0ZXIgQ29yZSBUZWFtIDxjb3JldGVhbUBuZXRmaWx0ZXIub3JnPokC
+VAQTAQoAPhYhBDfZZKzASYHHVQD7m9Vdl4qKFCDkBQJfh3UIAhsDBQkHhM4ABQsJ
+CAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJENVdl4qKFCDk0msQAJTIK8TLHw2IJDc6
+ZfUJc+znSNwskO+A4lwvb1vRY5qFV+CA2S1eUS4HGDWDT0sPKie6Nx4+FBczkWd
+RA+eaKDqQeS5Vzc2f0bl74un91h7yE8O2NsVnpL166MnAAk3/ACjHsZX2PzF12F6
+4stvGQFpjZRWItj0I6bvPY6CTtqVPB98a6RpdbS9kGxCCMrL3CFGDXGSjXes5KwN
+IvngmVB36wjb3QgEtQIv13jrWFfiXeuieqMRyC6Z3KNYVcvis34eGxPFD9MHrK+w
+bdw3KzMBJd7hMoVRl32Q13T/PX8H3pqWMqKaL41wHUswRt0IQjNZnRvRnlJ0VDFf
+Wep/3dFK+uQbdABuiwCiRli5mWeOMCP+qJodP1OZSGqg0VwZWUGdCGG5+qIhngOj
+QVomvJ7N4eRLU3xuPVjLoBeHzvViUPpYtWQ/YiZK5rWTJHhu88xZaysFJRaV+Uz3
+wPkeqdArRRXl1Tpy+cKy7D5BZAr7OjT1wboon23IM2DJRurbaHD8blMsjZ07pbvb
+4hdpiE6mqq7CYskDz2UGTaFfEW4bFnKtvKTXEnmcqc4mWcr2z9BBYouGmcFczgET
+tE02XejmExXV2RPUtXfLuNIbVpuXG1qhzNuXAfm+S/68XDSFrwyK8/Dgq5ga0iIP
+n8Uvz12Xu/Qde+NicogLNWF90QJ2uQINBF+HdQgBEADSTGQKWM3ni63O0bOnxgyu
+Gd3oxEk/mqu7zkU/WBKaUQRtUKFAwbjaHQBcSFjOkqcLze1/QGXiDC9hDow2mxeU
+OkTR28Dg8iw2HMJqrVodDTaSvOX18A4HCzkFvnT4prJN54tXK14YY2YLOrMm/cjP
+6Q4tE3+8MzWbdNKe9+s5aUDzDkXzvphYGnNBVbfxkLE3SMEwc2d+n3Fd1vIjx99+
+EqrGraete0fs/qtmpR/Fcp89doh4tqCRbZk8YYIQkTj3C1s91zCr/QOwX7mXhNJP
+qSu8ZwSq6WcylJNY9rs0ys1dgarqORzQ7MvT4EJ9egZV1a8XR30Jwc9sOu2hzCpz
+w/7/ivNaMbZ7pKcAQE/FqL5MstVUy4UB+RdMuW6UK1R/y8KtP6uNtYXw94jx7W9r
+QtYXk/c3v7KpGKZXLRW/NX8d6PMXAab7iGkwd1EabX/CTb4eSoxE2RTELwHXavKG
+KL6Crvmf+fObgqsDtBaIacPakcJoau1Abxg1QFYKOpCozFtmfVNzp34IKwwsrQiG
+YfHizWoH0S9nLoqvEsfnBhrdc6Aj4YwzdTGjbfyh5vBsa/pT/kcR9xLd6RF+ppoU
+gmlOMK9FuQX96YxLYjsJ6mo4rAUAh4ePTholfFYPbkDeRqS6T6W75xkuL6vI3Y+q
+d4LIktheyTMuzsrARDQZFwARAQABiQI8BBgBCgAmFiEEN9lkrMBJgcdVAPub1V2X
+iooUIOQFAl+HdQgCGwwFCQeEzgAACgkQ1V2XiooUIOTTCBAAgXcF8AzEQfK0Hqja
+4W4e6Y2xxxZmoPGz75Jgqv4GBsfTEBChVBbRBjUgYepuaV6/YSfRw9ldeqvREW7g
+XAOsKLM+Hn0BQW22oHu2UhAgjfsTC4q0BkVW06M7tnkvBV3nR9F/X9CViwxlsEYP
+qQKkjrbhYx4WDI1acGx/7O9QYR/OMeUYFns4dgVi2z91LmOybVjQLwGnqOdybNnc
+84Iw6KT4rOKmUay0fXExo6mumU3Pz5S32grJuqxgZTcf2xSY8++fsp+7zEGuO3zg
+beKn64h1+xv04N7PMbEEixJtyARGIdu4aHPWQ+ORF4JvWYhgNtbfb9YwNu8k1WlK
+z2wuNIg7/wjHEOzdmNbCUb5q3ftqSsbTTbrbo48IAYLqOWyitud0eR8tGvjcyti0
+nPxpkfBCSRMFte6+q6Gne0rOmCJgmRMXmPggFtBRM8EKZqnznZbrLyMpOMeK9diR
+/EPDVhzM1N2Jv8qnaKZ/0gsAn1ybC+P3hywmlrsolo5YzWuzMDwyE8dmT0ROUBKg
+qouIGg1l8lR7fJXhhNRt86FzSaIFoQ7MIddOVJ5WRBHzr2x22sYFj4y1f8ZLh4VZ
+Wqncl20xMa4CulNsHrzUtN3QbkOm4zSGzCLfbpW4gVfDCVkdD2bZzSfefH9UFwuB
+k/i9xRtYOSbc/q5W7u9J4dpEia4=
+=m35R
+-----END PGP PUBLIC KEY BLOCK-----
--- a/conntrack-tools-1.4.4-free-pktb-after-use.patch
+++ b/conntrack-tools-1.4.4-free-pktb-after-use.patch
@ -1,29 +0,0 @@
-From 832166dc4780e259424ebab07b42ecf42cde6fe3 Mon Sep 17 00:00:00 2001
-From: Kevin Cernekee <cernekee@chromium.org>
-Date: Fri, 27 Jan 2017 12:38:46 -0800
-Subject: conntrackd: cthelper: Free pktb after use
-
-According to valgrind, this currently leaks ~512B to 2kB for each
-packet sent to the userspace helper.
-
-Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
-Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
- src/cthelper.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/cthelper.c b/src/cthelper.c
-index 54eb830..f01c509 100644
--- a/src/cthelper.c
-+++ b/src/cthelper.c
-@@ -325,6 +325,7 @@ static int nfq_queue_cb(const struct nlmsghdr *nlh, void *data)
- 	if (pkt_verdict_issue(helper, myct, queue_num, id, verdict, pktb) < 0)
- 		goto err4;
- 
-+	pktb_free(pktb);
- 	nfct_destroy(ct);
- 	if (myct->exp != NULL)
- 		nfexp_destroy(myct->exp);
-- 
-cgit v0.12
-
--- a/conntrack-tools-1.4.4-nat_tuple-leak.patch
+++ b/conntrack-tools-1.4.4-nat_tuple-leak.patch
@ -1,57 +0,0 @@
-From 1ba5e76a368aeb9fe17d3b691df4faa0dadc4523 Mon Sep 17 00:00:00 2001
-From: Kevin Cernekee <cernekee@chromium.org>
-Date: Thu, 26 Jan 2017 16:44:24 -0800
-Subject: conntrackd: cthelper: Don't leak nat_tuple
-
-nfexp_set_attr() copies |nat_tuple| rather than taking ownership, so
-it should be freed at the end of the loop.  Some of the other helpers
-(like rpc.c) do this, but it is missing here.
-
-Reported-by: Eric Caruso <ejcaruso@chromium.org>
-Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
-Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
- src/helpers/amanda.c | 1 +
- src/helpers/ftp.c    | 1 +
- src/helpers/tftp.c   | 1 +
- 3 files changed, 3 insertions(+)
-
-diff --git a/src/helpers/amanda.c b/src/helpers/amanda.c
-index 9e6c4e7..faee1cd 100644
--- a/src/helpers/amanda.c
-+++ b/src/helpers/amanda.c
-@@ -75,6 +75,7 @@ static int nat_amanda(struct pkt_buff *pkt, uint32_t ctinfo,
- 			break;
- 		}
- 	}
-+	nfct_destroy(nat_tuple);
- 
- 	if (port == 0) {
- 		pr_debug("all ports in use\n");
-diff --git a/src/helpers/ftp.c b/src/helpers/ftp.c
-index 27ab5eb..c3aa284 100644
--- a/src/helpers/ftp.c
-+++ b/src/helpers/ftp.c
-@@ -423,6 +423,7 @@ static unsigned int nf_nat_ftp(struct pkt_buff *pkt,
- 			break;
- 		}
- 	}
-+	nfct_destroy(nat_tuple);
- 
- 	if (port == 0)
- 		return NF_DROP;
-diff --git a/src/helpers/tftp.c b/src/helpers/tftp.c
-index 45591c6..70dd28a 100644
--- a/src/helpers/tftp.c
-+++ b/src/helpers/tftp.c
-@@ -65,6 +65,7 @@ static unsigned int nat_tftp(struct pkt_buff *pkt, uint32_t ctinfo,
- 	nfexp_set_attr_u32(exp, ATTR_EXP_NAT_DIR, MYCT_DIR_REPL);
- 	nfexp_set_attr(exp, ATTR_EXP_FN, "nat-follow-master");
- 	nfexp_set_attr(exp, ATTR_EXP_NAT_TUPLE, nat_tuple);
-+	nfct_destroy(nat_tuple);
- 
- 	return NF_ACCEPT;
- }
-- 
-cgit v0.12
-
--- a/conntrack-tools-20150818.patch
+++ b/conntrack-tools-20150818.patch
--- a/conntrack-tools-c99-2.patch
+++ b/conntrack-tools-c99-2.patch
@ -0,0 +1,105 @@
+commit d417ceaa947c5f7f5d691037d0abe1deca957313
+Author: Jeremy Sowden <jeremy@azazel.net>
+Date:   Sat Aug 26 17:32:26 2023 +0100
+
+    read_config_yy: correct arguments passed to `inet_aton`
+    
+    `inet_aton` expects a `struct in_addr *`.  In a number of calls, we pass
+    pointers to structs or unions which contain a `struct in_addr` member.  Pass
+    pointers to the members instead.  In another call, we pass a pointer to a
+    uint32_t.  Cast it.
+    
+    Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
+    Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+
+diff --git a/src/read_config_yy.y b/src/read_config_yy.y
+index f06c6afff7cbfd81..71a087187522efe1 100644
+--- a/src/read_config_yy.y
+++ b/src/read_config_yy.y
+@@ -246,9 +246,11 @@ multicast_options :
+ 
+ multicast_option : T_IPV4_ADDR T_IP
+ {
+	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
+
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.mcast.in)) {
+	if (!inet_aton($2, &channel_conf->u.mcast.in.inet_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -310,9 +312,11 @@ multicast_option : T_IPV6_ADDR T_IP
+ 
+ multicast_option : T_IPV4_IFACE T_IP
+ {
+	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
+
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.mcast.ifa)) {
+	if (!inet_aton($2, &channel_conf->u.mcast.ifa.interface_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -423,9 +427,11 @@ udp_options :
+ 
+ udp_option : T_IPV4_ADDR T_IP
+ {
+	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
+
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.udp.server.ipv4)) {
+	if (!inet_aton($2, &channel_conf->u.udp.server.ipv4.inet_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -456,9 +462,11 @@ udp_option : T_IPV6_ADDR T_IP
+ 
+ udp_option : T_IPV4_DEST_ADDR T_IP
+ {
+	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
+
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.udp.client)) {
+	if (!inet_aton($2, &channel_conf->u.udp.client.inet_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -574,9 +582,11 @@ tcp_options :
+ 
+ tcp_option : T_IPV4_ADDR T_IP
+ {
+	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
+
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.tcp.server.ipv4)) {
+	if (!inet_aton($2, &channel_conf->u.tcp.server.ipv4.inet_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -607,9 +617,11 @@ tcp_option : T_IPV6_ADDR T_IP
+ 
+ tcp_option : T_IPV4_DEST_ADDR T_IP
+ {
+	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
+
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.tcp.client)) {
+	if (!inet_aton($2, &channel_conf->u.tcp.client.inet_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -1239,7 +1251,7 @@ filter_address_item : T_IPV4_ADDR T_IP
+ 		}
+ 	}
+ 
+-	if (!inet_aton($2, &ip.ipv4)) {
+	if (!inet_aton($2, (struct in_addr *) &ip.ipv4)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4, ignoring", $2);
+ 		free($2);
+ 		break;
--- a/conntrack-tools-c99.patch
+++ b/conntrack-tools-c99.patch
@ -0,0 +1,75 @@
+commit 6ce497caac85f53a54e359ca57ad0f9dc379021f
+Author: Sam James <sam@gentoo.org>
+Date:   Thu Nov 24 07:57:37 2022 +0000
+
+    config: Fix -Wimplicit-function-declaration
+    
+    read_config_yy.c: In function ‘yyparse’:
+    read_config_yy.c:1765:16: warning: implicit declaration of function ‘yylex’ [-Wimplicit-function-declaration]
+     1765 |       yychar = yylex ();
+          |                ^~~~~
+    read_config_yy.c:1765:16: warning: nested extern declaration of ‘yylex’ [-Wnested-externs]
+    read_config_yy.y:120:17: warning: implicit declaration of function ‘dlog’ [-Wimplicit-function-declaration]
+      120 |                 dlog(LOG_ERR, "LogFile path is longer than %u characters",
+          |                 ^~~~
+    read_config_yy.y:120:17: warning: nested extern declaration of ‘dlog’ [-Wnested-externs]
+    read_config_yy.y:240:14: warning: implicit declaration of function ‘inet_aton’; did you mean ‘in6_pton’? [-Wimplicit-function-declaration]
+      240 |         if (!inet_aton($2, &conf.channel[conf.channel_num].u.mcast.in)) {
+          |              ^~~~~~~~~
+          |              in6_pton
+    
+    Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1637
+    Signed-off-by: Sam James <sam@gentoo.org>
+    Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+
+diff --git a/src/read_config_lex.l b/src/read_config_lex.l
+index b0d9e61e0e4b92ef..5633da604be6a132 100644
+--- a/src/read_config_lex.l
+++ b/src/read_config_lex.l
+@@ -21,6 +21,7 @@
+ 
+ #include <string.h>
+ 
+#include "log.h"
+ #include "conntrackd.h"
+ #include "read_config_yy.h"
+ %}
+@@ -169,7 +170,7 @@ notrack		[N|n][O|o][T|t][R|r][A|a][C|c][K|k]
+ %%
+ 
+ int
+-yywrap()
+yywrap(void)
+ {
+ 	return 1;
+ }
+diff --git a/src/read_config_yy.y b/src/read_config_yy.y
+index 31109c4de042ccac..e5c57fd934890cbe 100644
+--- a/src/read_config_yy.y
+++ b/src/read_config_yy.y
+@@ -31,14 +31,25 @@
+ #include "cidr.h"
+ #include "helper.h"
+ #include "stack.h"
+#include "log.h"
+
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+ #include <sched.h>
+ #include <dlfcn.h>
+
+ #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
+ #include <libnetfilter_conntrack/libnetfilter_conntrack_tcp.h>
+ 
+ extern char *yytext;
+ extern int   yylineno;
+ 
+int yylex (void);
+int yyerror (char *msg);
+void yyrestart (FILE *input_file);
+
+ struct ct_conf conf;
+ 
+ static void __kernel_filter_start(void);
--- a/conntrack-tools-coverity20150818.patch
+++ b/conntrack-tools-coverity20150818.patch
@ -1,217 +0,0 @@
-diff --git a/src/cache.c b/src/cache.c
-index 7c41e54..79a024f 100644
--- a/src/cache.c
-+++ b/src/cache.c
-@@ -34,7 +34,7 @@ struct cache_feature *cache_feature[CACHE_MAX_FEATURE] = {
- };
- 
- struct cache *cache_create(const char *name, enum cache_type type,
-			   unsigned int features, 
-+			   unsigned int features,
- 			   struct cache_extra *extra,
- 			   struct cache_ops *ops)
- {
-@@ -53,7 +53,8 @@ struct cache *cache_create(const char *name, enum cache_type type,
- 		return NULL;
- 	memset(c, 0, sizeof(struct cache));
- 
-	strcpy(c->name, name);
-+	strncpy(c->name, name, CACHE_MAX_NAMELEN);
-+	c->name[CACHE_MAX_NAMELEN - 1] = '\0';
- 	c->type = type;
- 
- 	for (i = 0; i < CACHE_MAX_FEATURE; i++) {
-diff --git a/src/cthelper.c b/src/cthelper.c
-index 6537515..54eb830 100644
--- a/src/cthelper.c
-+++ b/src/cthelper.c
-@@ -277,11 +277,11 @@ static int nfq_queue_cb(const struct nlmsghdr *nlh, void *data)
- 
- 	if (!attr[NFQA_PAYLOAD]) {
- 		dlog(LOG_ERR, "packet with no payload");
-		goto err;
-+		goto err1;
- 	}
- 	if (!attr[NFQA_CT] || !attr[NFQA_CT_INFO]) {
- 		dlog(LOG_ERR, "no CT attached to this packet");
-		goto err;
-+		goto err1;
- 	}
- 
- 	pkt = mnl_attr_get_payload(attr[NFQA_PAYLOAD]);
-@@ -292,22 +292,22 @@ static int nfq_queue_cb(const struct nlmsghdr *nlh, void *data)
- 	queue_num = ntohs(nfg->res_id);
- 
- 	if (pkt_get(pkt, pktlen, ntohs(ph->hw_protocol), &protoff))
-		goto err;
-+		goto err1;
- 
- 	ct = nfct_new();
- 	if (ct == NULL)
-		goto err;
-+		goto err1;
- 
- 	if (nfct_payload_parse(mnl_attr_get_payload(attr[NFQA_CT]),
- 			       mnl_attr_get_payload_len(attr[NFQA_CT]),
- 			       l3num, ct) < 0) {
- 		dlog(LOG_ERR, "cannot convert message to CT");
-		goto err;
-+		goto err2;
- 	}
- 
- 	myct = calloc(1, sizeof(struct myct));
- 	if (myct == NULL)
-		goto err;
-+		goto err2;
- 
- 	myct->ct = ct;
- 	ctinfo = ntohl(mnl_attr_get_u32(attr[NFQA_CT_INFO]));
-@@ -315,15 +315,15 @@ static int nfq_queue_cb(const struct nlmsghdr *nlh, void *data)
- 	/* XXX: 256 bytes enough for possible NAT mangling in helpers? */
- 	pktb = pktb_alloc(AF_INET, pkt, pktlen, 256);
- 	if (pktb == NULL)
-		goto err;
-+		goto err3;
- 
- 	/* Misconfiguration: if no helper found, accept the packet. */
- 	helper = helper_run(pktb, protoff, myct, ctinfo, queue_num, &verdict);
- 	if (!helper)
-		goto err_pktb;
-+		goto err4;
- 
- 	if (pkt_verdict_issue(helper, myct, queue_num, id, verdict, pktb) < 0)
-		goto err_pktb;
-+		goto err4;
- 
- 	nfct_destroy(ct);
- 	if (myct->exp != NULL)
-@@ -333,18 +333,19 @@ static int nfq_queue_cb(const struct nlmsghdr *nlh, void *data)
- 	free(myct);
- 
- 	return MNL_CB_OK;
-err_pktb:
-+err4:
- 	pktb_free(pktb);
-err:
-+err3:
-+	free(myct);
-+err2:
-+	nfct_destroy(ct);
-+err1:
- 	/* In case of error, we don't want to disrupt traffic. We accept all.
- 	 * This is connection tracking after all. The policy is not to drop
- 	 * packet unless we enter some inconsistent state.
- 	 */
- 	pkt_verdict_error(queue_num, id);
- 
-	if (ct != NULL)
-		nfct_destroy(ct);
-
- 	return MNL_CB_OK;
- }
- 
-diff --git a/src/local.c b/src/local.c
-index 453799a..3395b4c 100644
--- a/src/local.c
-+++ b/src/local.c
-@@ -77,7 +77,7 @@ int do_local_server_step(struct local_server *server, void *data,
- 	int rfd;
- 	struct sockaddr_un local;
- 	socklen_t sin_size = sizeof(struct sockaddr_un);
-	
-+
- 	rfd = accept(server->fd, (struct sockaddr *) &local, &sin_size);
- 	if (rfd == -1)
- 		return -1;
-@@ -147,11 +147,14 @@ int do_local_request(int request,
- 
- 	ret = send(fd, &request, sizeof(int), 0);
- 	if (ret == -1)
-		return -1;
-+		goto err1;
- 
- 	do_local_client_step(fd, step);
- 
- 	local_client_destroy(fd);
-	
-+
- 	return 0;
-+err1:
-+	local_client_destroy(fd);
-+	return -1;
- }
-diff --git a/src/parse.c b/src/parse.c
-index f3ec6ac..919d36c 100644
--- a/src/parse.c
-+++ b/src/parse.c
-@@ -297,7 +297,7 @@ int msg2ct(struct nf_conntrack *ct, struct nethdr *net, size_t remain)
- 			return -1;
- 		if (attr->nta_len < NTA_LENGTH(0))
- 			return -1;
-		if (attr->nta_attr > NTA_MAX)
-+		if (attr->nta_attr >= NTA_MAX)
- 			return -1;
- 		if (h[attr->nta_attr].size &&
- 		    attr->nta_len != h[attr->nta_attr].size)
-@@ -510,7 +510,7 @@ int msg2exp(struct nf_expect *exp, struct nethdr *net, size_t remain)
- 		ATTR_NETWORK2HOST(attr);
- 		if (attr->nta_len > len)
- 			goto err;
-		if (attr->nta_attr > NTA_MAX)
-+		if (attr->nta_attr >= NTA_EXP_MAX)
- 			goto err;
- 		if (attr->nta_len < NTA_LENGTH(0))
- 			goto err;
-@@ -524,13 +524,15 @@ int msg2exp(struct nf_expect *exp, struct nethdr *net, size_t remain)
- 			attr = NTA_NEXT(attr, len);
- 			continue;
- 		}
-		switch(exp_h[attr->nta_attr].exp_attr) {
-+		switch (exp_h[attr->nta_attr].exp_attr) {
- 		case ATTR_EXP_MASTER:
- 			exp_h[attr->nta_attr].parse(master, attr->nta_attr,
- 						    NTA_DATA(attr));
-+			break;
- 		case ATTR_EXP_EXPECTED:
- 			exp_h[attr->nta_attr].parse(expected, attr->nta_attr,
- 						    NTA_DATA(attr));
-+			break;
- 		case ATTR_EXP_MASK:
- 			exp_h[attr->nta_attr].parse(mask, attr->nta_attr,
- 						    NTA_DATA(attr));
-diff --git a/src/process.c b/src/process.c
-index 7f0a395..3ddad5f 100644
--- a/src/process.c
-+++ b/src/process.c
-@@ -48,6 +48,8 @@ int fork_process_new(int type, int flags, void (*cb)(void *data), void *data)
- 
- 	if (c->pid > 0)
- 		list_add(&c->head, &process_list);
-+	else
-+		free(c);
- 
- 	return pid;
- }
-diff --git a/src/tcp.c b/src/tcp.c
-index af27c46..e570880 100644
--- a/src/tcp.c
-+++ b/src/tcp.c
-@@ -247,13 +247,11 @@ int tcp_accept(struct tcp_sock *m)
- 	/* the other peer wants to connect ... */
- 	ret = accept(m->fd, NULL, NULL);
- 	if (ret == -1) {
-		if (errno != EAGAIN) {
-			/* unexpected error. Give us another try. */
-			m->state = TCP_SERVER_ACCEPTING;
-		} else {
-			/* waiting for new connections. */
-			m->state = TCP_SERVER_ACCEPTING;
-		}
-+	/* unexpected error: Give us another try. Or we have hit
-+	 * -EAGAIN, in that case we remain in the accepting connections
-+	 * state.
-+	 */
-+	m->state = TCP_SERVER_ACCEPTING;
- 	} else {
- 		/* the peer finally got connected. */
- 		if (fcntl(ret, F_SETFL, O_NONBLOCK) == -1) {
--- a/conntrack-tools.spec
+++ b/conntrack-tools.spec
@ -1,16 +1,24 @@
-%undefine _hardened_build
 Name:           conntrack-tools
-Version:        1.4.5
-Release:        4%{?dist}
+Version:        1.4.8
+Release:        10%{?dist}
 Summary:        Manipulate netfilter connection tracking table and run High Availability
-License:        GPLv2
+License:        GPL-2.0-only
 URL:            http://conntrack-tools.netfilter.org/
-Source0:        http://netfilter.org/projects/%{name}/files/%{name}-%{version}.tar.bz2
-Source1:        conntrackd.service
-Source2:        conntrackd.conf
+Source0:        https://www.netfilter.org/pub/conntrack-tools/conntrack-tools-%{version}.tar.xz
+Source1:        https://www.netfilter.org/pub/conntrack-tools/conntrack-tools-%{version}.tar.xz.sig
+# Note this openpgp key is expired and revoked, but is the one used for the 1.4.8 signature
+Source2:        NetfilterCoreTeam-OpenGPG-KEY.txt
+# Note this is the new key, presumbly will be used in the future (it signed the old key as well)
+#Source2:        coreteam-gpg-key-0xD70D1A666ACF2B21.txt
+Source3:        conntrackd.service
+Source4:        conntrackd.conf

+BuildRequires:  autoconf
+BuildRequires:  automake
+BuildRequires:  libtool
 BuildRequires:  gcc
-BuildRequires:  libnfnetlink-devel >= 1.0.1, libnetfilter_conntrack-devel >= 1.0.7
+BuildRequires: gnupg2
+BuildRequires:  libnfnetlink-devel >= 1.0.1, libnetfilter_conntrack-devel >= 1.0.9
 BuildRequires:  libnetfilter_cttimeout-devel >= 1.0.0, libnetfilter_cthelper-devel >= 1.0.0
 BuildRequires:  libmnl-devel >= 1.0.3, libnetfilter_queue-devel >= 1.0.2
 BuildRequires:  libtirpc-devel systemd-devel
@ -21,6 +29,7 @@ Requires(post): systemd
 Requires(preun): systemd
 Requires(postun): systemd
 BuildRequires: systemd
+BuildRequires: make

 %description
 With conntrack-tools you can setup a High Availability cluster and
@ -36,19 +45,18 @@ The conntrack-tools package contains two programs:
 conntrack is used to search, list, inspect and maintain the netfilter
 connection tracking subsystem of the Linux kernel.
 Using conntrack, you can dump a list of all (or a filtered selection  of)
-currently tracked connections, delete connections from the state table, 
+currently tracked connections, delete connections from the state table,
 and even add new ones.
-In addition, you can also monitor connection tracking events, e.g. 
+In addition, you can also monitor connection tracking events, e.g.
 show an event message (one line) per newly established connection.

 %prep
-%setup -q
+%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
+%autosetup -p1

 %build
+autoreconf -fi
 %configure --disable-static --enable-systemd
-sed -i "s/DEFAULT_INCLUDES = -I./DEFAULT_INCLUDES = -I. -I\/usr\/include\/tirpc/" src/helpers/Makefile
-CFLAGS="${CFLAGS} -Wl,-z,lazy"
-CXXFLAGS="${CXXFLAGS} -Wl,-z,lazy"
 %make_build
 chmod 644 doc/sync/primary-backup.sh
 rm -f doc/sync/notrack/conntrackd.conf.orig doc/sync/alarm/conntrackd.conf.orig doc/helper/conntrackd.conf.orig
@ -58,8 +66,8 @@ rm -f doc/sync/notrack/conntrackd.conf.orig doc/sync/alarm/conntrackd.conf.orig
 find %{buildroot} -type f -name "*.la" -exec rm -f {} ';'
 mkdir -p %{buildroot}%{_sysconfdir}/conntrackd
 install -d -m 0755 %{buildroot}%{_unitdir}
-install -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/
-install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/conntrackd/
+install -m 0644 %{SOURCE3} %{buildroot}%{_unitdir}/
+install -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/conntrackd/

 %files
 %license COPYING
@ -82,9 +90,71 @@ install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/conntrackd/
 %systemd_preun conntrackd.service

 %postun
-%systemd_postun conntrackd.service 
+%systemd_postun conntrackd.service

 %changelog
+* Wed Jul 23 2025 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.8-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
+
+* Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.7-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
+
+* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.7-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
+
+* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.7-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.7-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Wed Jan 17 2024 Florian Weimer <fweimer@redhat.com> - 1.4.7-5
+- Backport upstream patch to fix GCC 14 compatibility issues
+
+* Fri Aug 11 2023 Phil Sutter <psutter@redhat.com> - 1.4.7-4
+- Convert license to SPDX format
+
+* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.7-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Thu Jul 06 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 1.4.7-2
+- Remove unused autogen build dependency
+
+* Wed Jul 05 2023 Paul Wouters <paul.wouters@aiven.io - 1.4.7-1
+- Resolves: rhbz#2132747 conntrack-tools-1.4.7 is available
+- Add gpg source code verification
+- Removed patches that were merged upstream
+
+* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.6-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Tue Jan 10 2023 Florian Weimer <fweimer@redhat.com> - 1.4.6-5
+- Apply upstream patch for C99 compatibility issues
+
+* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.6-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Wed Mar 09 2022 Phil Sutter <psutter@redhat.com> - 1.4.6-3
+- Enable hardened build. Fixes rhbz#2062265
+
+* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.6-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Fri Dec 03 2021 Kevin Fenzi <kevin@scrye.com> - 1.4.6-1
+- Update to 1.4.6. Fixes rhbz#1574091
+
+* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.5-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.5-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.5-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.5-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
 * Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.5-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

@ -188,7 +258,7 @@ install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/conntrackd/
 - Updated to 1.0.1
 - Added daemon using systemd and configuration file
 - Removed legacy spec requirements
- Patch for: parse.c:240:34: error: 'NULL' undeclared 
+- Patch for: parse.c:240:34: error: 'NULL' undeclared

 * Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.0-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--- a/coreteam-gpg-key-0xD70D1A666ACF2B21.txt
+++ b/coreteam-gpg-key-0xD70D1A666ACF2B21.txt
@ -0,0 +1,64 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBGcLlIQBEADH+pWx2d5XgY2JCOHTVaOpbNlNfp1k9Ul0W5zaZ7EFHIGSj06E
+o3+OM0eI6+d51PnqwRE+WbV4T3ooGnfgXN4fmKgq2TwkxlhKeFSzNGMuzzuoEwD+
+2cvSF9VIrwif1o9oa9KMNfKTY/qjuWZS0QWZ08thPAf/tWpoaA3gaqYQUshj5G3w
+nTMdYlHUj7wkZCMg63tDygAe/7fDT3zurKCMbFoyiyQkp7V1SLxZpvuyuyPH6HtQ
+P5xcbXsp5ots0BgN+BplMX89DrspxJXqi7AsTf4QnC78KbchMJJxLKZQS759dQHF
+qHUTb3YdlxXFou6Si5LiBzvmqBRFj6m/WV1a8mDy5fPDkOLoTCUFHLmgvYHPJdtK
+5EqNkwYAbSnZKe9aSeVa4XhaZqyyQb9vIsKyOnwdJ/l222J95qHQapZSLcRdqgQz
+ZgxuEdOHacEaJ1IJ21CE8EtJfFA5DMZtkZNIGF3OFlXhw7YxJoPgsodtlVspQsfX
+u2FGP9yg0fd4zLgHnotKqfJQ9ZjMB6bbJUd6Au9jv0SiM+kVGeVfyaaX7TDeQ3TT
+/e44uFvkHkbYFQPcqsTalxtre6v7pMG2iu2mbkhQOC7qbL5MKMSdA93w/lF7w20b
+cwyDavEoKk9vgDjSkVjaffvdy4cESa5JY4lM4ZmzoujnAZMwbzQeGcBtqQARAQAB
+tCxOZXRmaWx0ZXIgQ29yZSBUZWFtIDxjb3JldGVhbUBuZXRmaWx0ZXIub3JnPokC
+VAQTAQoAPhYhBIxfcUahdXpl4kIqlNcNGmZqzyshBQJnC5SEAhsDBQkHhM4ABQsJ
+CAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJENcNGmZqzyshRE4P/AknD3DAWuCT7x7L
+LFIUCkfl7WUou9zMQKy62JRK/+/lNyG1dkmvBu7XWLl/+IRv1uIb25I4xwaze6GF
+8yhZDNXZLhUjComr864fMEdKNdXInAClLRNY0InkFmHw/SizvwDld4PgsLzoS+qL
+5JY4FBlYEnd4wlIwH/w3gPycmdmQNVOjeWJhDrYKGLnjolpGRQPYRME4kjasWPbK
+AWG/lpINQEB1DgtK8e6kcbUA8wSU6MMEsJjPY0o7lr9NvPfRpPXq34LjoFUXk3Hi
+Bt8OuVVMo+wTmlZWkXdknFKS4IPVxUA53oJOVMFW8divmF/l676KBogSnczoX4vR
+VW8sgDEKqb0NicKWJ2Fou+/KueY5OXsO8aZrZtXOsXIAMberdrNDYhyTUSYF8mZF
+RdL6Jcm5GbQB/zOQElgzMwPQq5AD7SkziMzGOusWjqGmu9qphed/FimVbyRhMl5B
+uDvGHthhy1KlPkqVcddN6i3/Kd/AMqXAuWMZH9FXJkUUWe+VAyeNHfEuBtSK2rqE
+zf8TYGg5Gz+oNspWuqEyWUwoH7eQkRx2GIbwu2rwcIzrh8L0rsyu+6FNNHnQfnNq
+ytbE888dxKkXeJ5T09Pp/hPwkNM8X8ZLcTTsAknrvqLNp2As49dP6iJwysfYLf/v
+3Cyvz23JNeSQiTcC4YfKLs4LtCFkiQIzBBABCgAdFiEEN9lkrMBJgcdVAPub1V2X
+iooUIOQFAmcLlJ0ACgkQ1V2XiooUIOQGJRAAsz/jYoNkSAhzvrY1t/5kSaa3Hyqi
+wpaJNIb6YCNT9JFlEvfsIlikjK28I+LNqVrWoLZyX1np8h0AGfNUPo/rLzVXzqZ/
+UHZi5AjzXM6BVnR84LahFVVLISBtjt3DvY4xvl8cIh03ShJe/yAKIXZUbxXevtnj
+M0/5bLaLjlVf3KldR+gFjUaTT1nxfkQnzxbk2yKe+1tuQzFsYPLG9Elzyagb4QYm
+97CTxim3QcO0qWweoeusBqCkh7qD/ght76JrSnzq859XS//2jaq3A5ZsX5UJk5/E
+FkzL4zersQZwQE10BByBBJbxC8DzMuGeV+eTVVHKU81cEnzZFxfyOtQBD+oHBauW
+IC/v509TiH4qhZshJwcznsDZK1xAxxm3mryVtHbfSDSqzc5r/kNQt9mijD6wdsRb
+0yQy1P2xkk1zyvOw3BRI2NVXq6+642cp21tjsY136JT/3a6KwIlIIdzIUqejbLoF
+GgGZPJiQXthfmLpDgvduD6YgaSHyhtJesX3SIGvYBdCGT69blrB7lHazYRE/xKNu
+bhnVzsaWlOXg52ChAMzsAAi5DV1669xUqRgj7zJHUq72bItZWdAvDSTIrQB4z7u8
+QW+XZsveWM2sKjzpLZjQaxdS7dFvGepYY5liA01w7Bx2lU75ejgaWrm/hlaT//RD
+Al9IQzw14mOtm0e5Ag0EZwuUhAEQANmO+fv67llu3nOZh9mcTbKa0MTT6cNjpEVU
+3MDImbN7pKTc/P+s6TVYBYn1q1U0XTXQlfh2HGdrLebAOdWW0Wcz4Kj9oOlRHOAR
+yq3mRzb9hiCB89mJcw5xNIn83d5L/IJqONSaVLKnTwfwnTVaCJYuF5yIqDMOSXgS
+C3sbGLx/yEchAhQEWUG8nm9WTybFfq98mFrHEKRGsSgfCHq6KMNn9NuhW149ZK+K
+klPXZqFyDoRHdyivt9j9hfA0lr4t6sfXEfJedzjNO2f0Z8r2sQhmw3ykYDkzEF8I
+zkgiik1Ke4+TmpD/4uL/hfgbkoVxZV6gI3M9rqs5o1glAuSFjsrGyog1EkUXplST
+Qn4ea/vQ6t1iBkTb2r3qzhK+VL7GWlvZa9DGq8btNAiOjKKqa0+3zRTXyPJAdMQM
+X+FBAhmaHJoylArEHdzv5haB7rv0aGjKV4O1ifonSGE2pllmSDbTO3exIeslLgDh
+5GqVmQW30K5JvecKnb871c0utzRLHBF34HOYgRWBcl18DGD+SzXKj1//+4AatcAB
+woNJHTEh6N3/mD3fJyWkyMwLJzo1x43Pmm1DkzioO9VMSxG7ReaH9WRDty3R83gT
+njEI0CDkG7m0nXctrsDcmBCYMSnvriWVr7kNYQ9tSi9WUa8Cs0xCmy49fF+7ihIl
+yANR2aMrABEBAAGJAjwEGAEKACYWIQSMX3FGoXV6ZeJCKpTXDRpmas8rIQUCZwuU
+hAIbDAUJB4TOAAAKCRDXDRpmas8rIZPuD/4qYhAdmCtaicOjeuMI0EhKA0O0cnXv
+BRwKXKGISZ6bt/f5fify78NQ4VdQzcpsRk1VvaEHRF5H+qxCQJ8MdzKcYpolCphj
+ir1gE+zNP7gtzH4HOBzz3/q6GK5HmqwWth3X35ySrgrhnUZZX+plm9gRIRIqmijh
+hdDp/3/2FcskQzr9UvIQDB14TbbSVAsDx5cQUM5F1nS1AAJNSrebuEcBeeM0N1HP
+tqWmcJuAHtTlk+K5yk02cgbP9926vlty1uI46UyI4t/xOxmIY6gXlcSMbBnVmB0s
+E+sKJTE7QrDpRRNiseCNLZcr/TNp9lrFpaUXz/JwXc+c1VC8UmARk9NLHsfoGz5H
+fvhiUwl96wtvu1YKIev9nfVp1bb3/XeNAVJd+hNxOlkv68s3feutvv7vQR14E8cv
+CVTXK7aAZKkWJl2n8pPohsXs5vwrsG36oFSH98jehLtzLrpgtWj6N7U8SWhI9JlT
+EaIpEL/C1foVJeSZs8Tq1sqYaw81lovDFk8wuS1eFhWeEVodJQsfCPBgsQGZ46oZ
+gWz3AU3KrB4ruNxjkJJxfgKu39pHDrv3o5ZufAHoIAHRdPTPlcH1Wi/1LLgLqHVC
+9+i7N1ClsO1/VgtYmZwzxWxsEJOcE2+vOROoVzgMh5lGhCLh6/3VTL96hIjcMp4W
+oD8ElPP+m/v6iA==
+=70vD
+-----END PGP PUBLIC KEY BLOCK-----
--- a/3
+++ b/3
@ -1 +1,2 @@
-SHA512 (conntrack-tools-1.4.5.tar.bz2) = 480fe2cc4420bc8477a2ba67b3d052bcb39c6b3ec000cff27fc12db70b42ec94fa3b5fe12ee35d439e88d9a631a33cd12ae470b69dde6d371d4e53af62a2eed1
+SHA512 (conntrack-tools-1.4.8.tar.xz.sig) = 8cd229d2e980ab1788e90fc8f53827fe1e4b21801cad6cddf6a9ff537501c40c52242cc964005b2889ad0a4548c772304db8696d4644611ecf9f091aca5c14ee
+SHA512 (conntrack-tools-1.4.8.tar.xz) = 95d8f6f068c1342ad7e767537e722272a4f5bd8b46b952713ade053a1043aa9ababbe5ce658ede9c77b6de5221b97ad8833777caffd69b67dd70a99f2b45afdf
Author	SHA1	Message	Date
Fedora Release Engineering	4f865cdfd5	Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild	2025-07-23 18:37:23 +00:00
Paul Wouters	759119fb6a	Resolves: rhbz#2241330 conntrack-tools-1.4.8 is available Add new OpenPGP key that will be used for future releases, as the old/current key is revokved (but signed with the new key) Removed patches that were merged upstream	2025-07-10 16:39:10 -04:00
Fedora Release Engineering	915941ad4f	Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild	2025-01-16 14:25:39 +00:00
Fedora Release Engineering	01bdb3a8c4	Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild	2024-07-17 19:54:41 +00:00
Fedora Release Engineering	aa97e4a702	Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild	2024-01-24 07:57:25 +00:00
Fedora Release Engineering	3b597ee85d	Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild	2024-01-19 16:06:01 +00:00
Florian Weimer	6831489ff2	Backport upstream patch to fix GCC 14 compatibility issues Related to: <https://fedoraproject.org/wiki/Changes/PortingToModernC> <https://fedoraproject.org/wiki/Toolchain/PortingToModernC>	2024-01-17 18:46:08 +01:00
Phil Sutter	0cecd76afd	Convert license to SPDX format Signed-off-by: Phil Sutter <psutter@redhat.com>	2023-08-11 20:55:05 +02:00
Fedora Release Engineering	d409463782	Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2023-07-19 16:17:28 +00:00
Yaakov Selkowitz	315ac9f6ab	Remove unused autogen build dependency	2023-07-06 23:36:53 -04:00
Paul Wouters	82ce71e64d	Resolves: rhbz#2132747 conntrack-tools-1.4.7 is available Add gpg source code verification Removed patches that were merged upstream	2023-07-05 22:35:28 -04:00
Fedora Release Engineering	6a65af4dd8	Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2023-01-19 00:25:37 +00:00
Florian Weimer	bdc967187b	Apply upstream patch for C99 compatibility issues Related to: <https://fedoraproject.org/wiki/Changes/PortingToModernC> <https://fedoraproject.org/wiki/Toolchain/PortingToModernC>	2023-01-10 09:58:51 +01:00
Fedora Release Engineering	ed6f02031e	Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2022-07-20 23:30:06 +00:00
Phil Sutter	4c3aafbb6c	Enable hardened build. Fixes rhbz#2062265	2022-03-09 15:39:42 +01:00
Fedora Release Engineering	ec71c0ac75	- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2022-01-19 23:45:40 +00:00
Kevin Fenzi	05dd5ff7f7	Update to 1.4.6. Fixes rhbz#1574091	2021-12-03 12:35:13 -08:00
Fedora Release Engineering	9ffebb5d24	- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2021-07-21 19:58:23 +00:00
Fedora Release Engineering	90723b5918	- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2021-07-21 14:59:58 +00:00
Fedora Release Engineering	81d19f5a42	- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2021-01-26 02:28:49 +00:00
Tom Stellard	42b1c74ef2	Add BuildRequires: make https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot	2020-12-17 03:51:48 +00:00
Fedora Release Engineering	96cbd06f4d	- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2020-07-27 14:29:44 +00:00
Fedora Release Engineering	db1dafdd14	- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2020-01-28 14:42:53 +00:00