Fixes a single issue: don't send out segments with no flags (no ACK either) at all, as the kernel might reset connections if it sees them (https://bugs.passt.top/show_bug.cgi?id=84, https://github.com/containers/podman/issues/22146).
https://bugs.passt.top/show_bug.cgi?id=83, that is, without explicit interface, address, or routes settings, if pasta(1) finds multiple interfaces with non-default routes for a given IP version, and no default route, it fails to start claiming a mismatch in the netlink sequence of messages used to query the kernel for routes.
Single fix for a potential issue with newer kernels where pasta(1) would terminate right away because of a mismatch in the expected netlink sequence. We don't know exactly how to reproduce the issue, see https://github.com/containers/podman/issues/22052#issuecomment-2004344989 and following, but I think the fix is critical enough as to warrant a new version.
Most notable fixes: - with --dns-forward, don't touch source IP address of DNS responses if the container/guest contacted the resolver directly (without using the address given as --dns-forward) - pasta(1) was hanging on upcoming kernel version 6.9
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2024-d2860c0bd5
Please login to add feedback.
This update has been submitted for testing by sbrivio.
This update's test gating status has been changed to 'waiting'.
This update has obsoleted passt-0^20240320.g71dd405-1.fc38, and has inherited its bugs and notes.
This update's test gating status has been changed to 'passed'.
This update has been pushed to testing.
no regressions noted
This update has been submitted for stable by bodhi.
This update has been pushed to stable.