| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Sep 2012 12:54:04 +0200 From: pablo@...filter.org To: netfilter-devel@...r.kernel.org Cc: davem@...emloft.net, netdev@...r.kernel.org Subject: [PATCH 0/4] netfilter updates for 3.6-rc5 From: Pablo Neira Ayuso <pablo@...filter.org> Hi David, The following patchset contains four updates for your net tree, they are: * Fix crash on timewait sockets, since the TCP early demux was added, in nfnetlink_log, from Eric Dumazet. * Fix broken syslog log-level for xt_LOG and ebt_log since printk format was converted from <.> to a 2 bytes pattern using ASCII SOH, from Joe Perches. * Two security fixes for the TCP connection tracking targeting off-path attacks, from Jozsef Kadlecsik. The problem was discovered by Jan Wrobel and it is documented in: http://mixedbit.org/reflection_scan/reflection_scan.pdf. You can pull these changes from: git://1984.lsi.us.es/nf master Thanks! Eric Dumazet (1): netfilter: take care of timewait sockets Joe Perches (1): netfilter: log: Fix log-level processing Jozsef Kadlecsik (2): netfilter: Mark SYN/ACK packets as invalid from original direction netfilter: Validate the sequence number of dataless ACK packets as well net/bridge/netfilter/ebt_log.c | 2 +- net/netfilter/nf_conntrack_proto_tcp.c | 29 +++++++++---------------- net/netfilter/nfnetlink_log.c | 14 ++++++------ net/netfilter/xt_LOG.c | 37 ++++++++++++++++---------------- 4 files changed, 38 insertions(+), 44 deletions(-) -- 1.7.10.4 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists