lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <aLYmiX_VmROr6x1o@calendula>
Date: Tue, 2 Sep 2025 01:05:10 +0200
From: Pablo Neira Ayuso <pablo@...filter.org>
To: netfilter-devel@...r.kernel.org, netfilter@...r.kernel.org
Cc: netfilter-announce@...ts.netfilter.org, lwn@....net,
	netdev@...r.kernel.org
Subject: [ANNOUNCE] nftables 1.0.6.1 (stable) release

Hi!

The Netfilter project proudly presents:

        nftables 1.0.6.1

This is a -stable release containing 412 backported fixes available up to
the nftables 1.1.4 release (from 2025-Aug-06).

This release is paired with libnftnl >= 1.2.4, and Linux kernel 6.1 -stable.

This includes:

- general fixes, mostly targeted at the evaluation phase.

- backported speed up for incremental updates and listing by relaxing
  internal object cache requirements.

- -o/--optimize fixes.

- json support fixes.

- list hooks command fixes.

- Print fallback for unsupported expressions coming from iptables-nft.

    | # iptables-nft -A FORWARD -p tcp -m osf --genre linux
    | # nft list ruleset | nft -f -
    | # Warning: table ip filter is managed by iptables-nft, do not touch!
    | /dev/stdin:4:29-31: Error: syntax error, unexpected osf, expecting string
    |               meta l4proto tcp xt match osf counter packets 0 bytes 0
    |                                         ^^^

- CPython bindings are available for nftables under the py/ folder.
  They can be installed using pip:

        python -m pip install py/

  A legacy setup.py script can also be used:

        ( cd py && python setup.py install )

... among many others.

This -stable release is funded through the NGI0 Entrust established
by NLnet (https://nlnet.nl) with support from the European Commission's
Next Generation Internet programme.

See changelog for more details (attached to this email).

You can download this new release from:

https://www.netfilter.org/projects/nftables/downloads.html
https://www.netfilter.org/pub/nftables/

To build the code, libnftnl >= 1.2.4 and libmnl >= 1.0.4 are required:

* https://netfilter.org/projects/libnftnl/index.html
* https://netfilter.org/projects/libmnl/index.html

Visit our wikipage for user documentation at:

* https://wiki.nftables.org

For the manpage reference, check man(8) nft.

In case of regressions in this release, file them via:

* https://bugzilla.netfilter.org

... else report them to netfilter-devel@...r.kernel.org.

Happy firewalling.

View attachment "changes-nftables-1.0.6.1.txt" of type "text/plain" (25035 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ