lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20150316135414.GA25978@kroah.com>
Date:	Mon, 16 Mar 2015 14:54:14 +0100
From:	Greg KH <gregkh@...uxfoundation.org>
To:	David Miller <davem@...hat.com>
Cc:	fw@...len.de, david@...olicited.net, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org, pablo@...filter.org,
	stable@...r.kernel.org
Subject: Re: iptables problem upgrading kernel from 3.18.8 to 3.19.1

On Thu, Mar 12, 2015 at 03:47:56PM -0400, David Miller wrote:
> From: Florian Westphal <fw@...len.de>
> Date: Sun, 8 Mar 2015 18:55:53 +0100
> 
> > David R <david@...olicited.net> wrote:
> > 
> > [ CC Pablo & stable@ ]
> > 
> >> I've just had an exception to my "uneventful kernel upgrade" monotony.
> >> 
> >> My boot scripts failed when setting up the firewall due to this :-
> >> 
> >>     xt_recent: hitcount (1) is larger than packets to be remembered (1)
> >> for table xxxx
> >> 
> >> This is a completely straightforward
> >> 
> >>     iptables -A yyyy -j REJECT -p tcp --reject-with tcp-reset -m recent
> >> --set --name xxxx --rsource
> >> 
> >> Looking at the history for xt_recent.c it looks like this was introduced
> >> in abc86d0f99242b7f142b7cb8f90e30081dd3c256 but maybe corrected in
> >> cef9ed86ed62eeffcd017882278bbece32001f86 ?
> > 
> > Right.  I would recommend to revert abc86d0f99242b7f142b7cb8f90e30081dd3c256
> > in 3.19.y series rather than applying cef9ed86ed62, though.
> 
> Greg, please queue up a revert of abc86d0f99242b7f142b7cb8f90e30081dd3c256 for
> 3.19.x -stable, if you haven't done so already.

Now done, thanks.

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ