[NETFILTER 00/03]: Netfilter fixes

Hi Dave,

these patches fix a few netfilter bugs: failure to load IPv4 connection tracking
when loading the NAT module, an invalid return code in ctnetlink and a possible
NULL pointer dereference in ipt_recent. I'll pass the NULL pointer fix to
-stable once it's upstream.

Please apply, thanks.


 include/net/netfilter/ipv4/nf_conntrack_ipv4.h |  2 ++
 net/ipv4/netfilter/ipt_recent.c                |  7 ++++++-
 net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c |  6 ++++++
 net/ipv4/netfilter/nf_nat_standalone.c         |  2 +-
 net/netfilter/nf_conntrack_netlink.c           | 17 +++++++++--------
 5 files changed, 24 insertions(+), 10 deletions(-)

Jesper Juhl (1):
      [NETFILTER]: ipt_recent: avoid a possible NULL pointer deref in recent_seq_open()

Pablo Neira Ayuso (1):
      [NETFILTER]: ctnetlink: return EEXIST instead of EINVAL for existing nat'ed conntracks

Patrick McHardy (1):
      [NETFILTER]: nf_nat: add symbolic dependency on IPv4 conntrack