From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> Date: Thu, 20 Nov 2014 13:30:49 +0100 > The following patchset contains two bugfixes for your net tree, they are: > > 1) Validate netlink group from nfnetlink to avoid an out of bound array > access. This should only happen with superuser priviledges though. > Discovered by Andrey Ryabinin using trinity. > > 2) Don't push ethernet header before calling the netfilter output hook > for multicast traffic, this breaks ebtables since it expects to see > skb->data pointing to the network header, patch from Linus Luessing. > > You can pull these changes from: > > git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git Pulled, thanks Pablo. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
