From: Patrick McHardy <kaber@xxxxxxxxx> Date: Fri, 8 Jan 2010 17:42:07 +0100 (MET) > the following patches fix a couple of bugs in netfilter and IPVS: > > - use lib/gcd in IPVS > > - add missing boundary checks for IPVS ioctl arguments, from Arjan > > - fix an out-of-bounds read in FTP conntrack, from myself > > - add missing CAP_NET_ADMIN check to ebtables, from Florian Westphal. > ebtables userspace uses IP RAW sockets to address ebtables, which > enforce CAP_NET_RAW. Any other IP socket type allows unpriviledged > access to the ebtables ruleset. > > Please apply or pull from: > > git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6.git master Pulled, thanks Patrick. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
