[0/1] ipset patch for nf

Message ID	1457466260-20373-1-git-send-email-kadlec@blackhole.kfki.hu
State	Accepted
Delegated to:	Pablo Neira
Headers	show Return-Path: <netfilter-devel-owner@vger.kernel.org> From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> To: netfilter-devel@vger.kernel.org Cc: Pablo Neira Ayuso <pablo@netfilter.org> Subject: [PATCH 0/1] ipset patch for nf Date: Tue, 8 Mar 2016 20:44:19 +0100 Message-Id: <1457466260-20373-1-git-send-email-kadlec@blackhole.kfki.hu> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk

Message ID

1457466260-20373-1-git-send-email-kadlec@blackhole.kfki.hu

State

Accepted

Delegated to:

Pablo Neira

Headers

From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
To: netfilter-devel@vger.kernel.org
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Subject: [PATCH 0/1] ipset patch for nf
Date: Tue,  8 Mar 2016 20:44:19 +0100
Message-Id: <1457466260-20373-1-git-send-email-kadlec@blackhole.kfki.hu>
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk

Message

Jozsef Kadlecsik March 8, 2016, 7:44 p.m. UTC

Hi Pablo,

Please apply the next patch against the nf tree:

- Julia Lawall pointed out that IPSET_ATTR_ETHER netlink attribute
  length was not checked explicitly. The patch adds the missing
  checkings.

The patch should be applied to the older stable kernel branches too.

Best regards,
Jozsef

The following changes since commit 45040978c8994d1401baf5cc5ac71c1495d4e120:

  netfilter: ipset: Fix set:list type crash when flush/dump set in parallel (2016-02-24 20:32:21 +0100)

are available in the git repository at:

  git://blackhole.kfki.hu/nf master

for you to fetch changes up to d8aacd87180141ff6b812b53de77a4336e87c91a:

  netfilter: ipset: Check IPSET_ATTR_ETHER netlink attribute length (2016-03-08 20:36:17 +0100)

----------------------------------------------------------------
Jozsef Kadlecsik (1):
      netfilter: ipset: Check IPSET_ATTR_ETHER netlink attribute length

 net/netfilter/ipset/ip_set_bitmap_ipmac.c | 2 ++
 net/netfilter/ipset/ip_set_hash_mac.c     | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Comments

Pablo Neira Ayuso March 10, 2016, 6:28 p.m. UTC | #1

On Tue, Mar 08, 2016 at 08:44:19PM +0100, Jozsef Kadlecsik wrote:
> Hi Pablo,
> 
> Please apply the next patch against the nf tree:
> 
> - Julia Lawall pointed out that IPSET_ATTR_ETHER netlink attribute
>   length was not checked explicitly. The patch adds the missing
>   checkings.
> 
> The patch should be applied to the older stable kernel branches too.
> 
> Best regards,
> Jozsef
> 
> The following changes since commit 45040978c8994d1401baf5cc5ac71c1495d4e120:
> 
>   netfilter: ipset: Fix set:list type crash when flush/dump set in parallel (2016-02-24 20:32:21 +0100)
> 
> are available in the git repository at:
> 
>   git://blackhole.kfki.hu/nf master

This patch also came with the previous pull, so this will show up in
the nf-next tree too.

Thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[0/1] ipset patch for nf

Pull-request

Message

Comments