Hi Dave,
the following three patches for 2.6.28 fix a couple of netfilter issues:
- a conntrack creation race in ctnetlink that can cause NULL pointer
dereferences in ctnetlink and duplicate conntrack entries.
- a missing const qualifier that got lost during the encapsulation of
iptables target parameters
- a crash with bridge netfilter and GRE caused by a missing update_pmtu()
function for the fake dst_entry.
Please apply, thanks.
include/linux/netfilter/x_tables.h | 2 +-
net/bridge/br_netfilter.c | 13 +++++++++++++
net/netfilter/nf_conntrack_core.c | 2 --
net/netfilter/nf_conntrack_netlink.c | 5 +++--
4 files changed, 17 insertions(+), 5 deletions(-)
Herbert Xu (1):
bridge: netfilter: fix update_pmtu crash with GRE
Jan Engelhardt (1):
netfilter: xtables: add missing const qualifier to xt_tgchk_param
Patrick McHardy (1):
netfilter: ctnetlink: fix conntrack creation race
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
