| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210306121223.28711-1-pablo@netfilter.org>
Date: Sat, 6 Mar 2021 13:12:14 +0100
From: Pablo Neira Ayuso <pablo@...filter.org>
To: netfilter-devel@...r.kernel.org
Cc: davem@...emloft.net, netdev@...r.kernel.org, kuba@...nel.org
Subject: [PATCH net 0/9] Netfilter fixes for net
Hi,
The following patchset contains Netfilter fixes for net:
1) Fix incorrect enum type definition in nfnetlink_cthelper UAPI,
from Dmitry V. Levin.
2) Remove extra space in deprecated automatic helper assignment
notice, from Klemen Košir.
3) Drop early socket demux socket after NAT mangling, from
Florian Westphal. Add a test to exercise this bug.
4) Fix bogus invalid packet report in the conntrack TCP tracker,
also from Florian.
5) Fix access to xt[NFPROTO_UNSPEC] list with no mutex
in target/match_revfn(), from Vasily Averin.
6) Disallow updates on the table ownership flag.
7) Fix double hook unregistration of tables with owner.
8) Remove bogus check on the table owner in __nft_release_tables().
Please, pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git
Thanks!
----------------------------------------------------------------
The following changes since commit eee7ede695cfbb19fefdeb14992535b605448f35:
Merge branch 'bnxt_en-error-recovery-bug-fixes' (2021-02-26 15:50:25 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git HEAD
for you to fetch changes up to bd1777b3a88f98e223392221b330668458aac7f1:
netfilter: nftables: bogus check for netlink portID with table owner (2021-03-04 04:02:54 +0100)
----------------------------------------------------------------
Dmitry V. Levin (1):
uapi: nfnetlink_cthelper.h: fix userspace compilation error
Florian Westphal (3):
netfilter: nf_nat: undo erroneous tcp edemux lookup
netfilter: conntrack: avoid misleading 'invalid' in log message
selftests: netfilter: test nat port clash resolution interaction with tcp early demux
Klemen Košir (1):
netfilter: conntrack: Remove a double space in a log message
Pablo Neira Ayuso (3):
netfilter: nftables: disallow updates on table ownership
netfilter: nftables: fix possible double hook unregistration with table owner
netfilter: nftables: bogus check for netlink portID with table owner
Vasily Averin (1):
netfilter: x_tables: gpf inside xt_find_revision()
include/uapi/linux/netfilter/nfnetlink_cthelper.h | 2 +-
net/netfilter/nf_conntrack_helper.c | 3 +-
net/netfilter/nf_conntrack_proto_tcp.c | 6 +-
net/netfilter/nf_nat_proto.c | 25 +++++-
net/netfilter/nf_tables_api.c | 19 +++--
net/netfilter/x_tables.c | 6 +-
tools/testing/selftests/netfilter/Makefile | 2 +-
tools/testing/selftests/netfilter/nf_nat_edemux.sh | 99 ++++++++++++++++++++++
8 files changed, 145 insertions(+), 17 deletions(-)
create mode 100755 tools/testing/selftests/netfilter/nf_nat_edemux.sh
Powered by blists - more mailing lists