File _patchinfo of Package patchinfo.4633

<patchinfo incident="4633">
  <issue id="961258" tracker="bnc">reference to non-existing unit in SuSE2firewall_init.service</issue>
  <issue id="938727" tracker="bnc">FATE#316521: Fix old SUSE spelling :  SuSEFirewall</issue>
  <issue id="847193" tracker="bnc">Kernel log flooded with SFW2-INext-DROP-DEFLT messages</issue>
  <issue id="841046" tracker="bnc">SuSEfirewall2: support IPv6 in FW_TRUSTED_NETS</issue>
  <issue id="906136" tracker="bnc">No way to set secure_redirects to 0 with SuSEfirewall2</issue>
  <issue id="1014987" tracker="bnc">sporadic failure of SuSEfirewall2_init during boot</issue>
  <issue id="785299" tracker="bnc">SuSEfirewall: FW_BOOT_FULL_INIT only works for physical interfaces</issue>
  <issue id="316521" tracker="fate"/>
  <category>recommended</category>
  <rating>moderate</rating>
  <packager>mgerstner</packager>
  <description>
This update for SuSEfirewall2 fixes the following issues:

- Install symlink to SuSEfirewall2 with the updated SUSE spelling. (bsc#938727, fate#316521)
- Remove basic.target to avoid loop with SuSEfirewall2. (bsc#961258)
- Ignore the bootlock when incremental updates for hotplugged or virtual devices
  are coming in during boot. This prevents lockups for example when drbd is used
  with FW_BOOT_FULL_INIT. (bsc#785299)
- Support for IPv6 in FW_TRUSTED_NETS config variable. (bsc#841046)
- Don't log dropped broadcast IPv6 broadcast/multicast packets by default to avoid cluttering
  the kernel log. (bsc#847193)
- Only apply FW_KERNEL_SECURITY proc settings, if not overriden by the administrator in
  /etc/sysctl.conf. This allows you to benefit from some of the kernel security settings,
  while overwriting others. (bsc#906136)
- Fix a race condition in systemd unit files that could cause the SuSEfirewall2_init unit
  to sporadically fail, because /tmp was not there/writable yet. (bsc#1014987)
</description>
  <summary>Recommended update for SuSEfirewall2</summary>
</patchinfo>