On Tue, Nov 25, 2014 at 01:26:29PM +0100, Jesper Dangaard Brouer wrote: > On Tue, 25 Nov 2014 00:14:46 +0100 > Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > > This reverts commit 5195c14c8b27cc0b18220ddbf0e5ad3328a04187. > > > > If the conntrack clashes with an existing one, it is left out of > > the unconfirmed, thus, crashing when dropping the packet and > > releasing the conntrack. > > > > Reported-by: Daniel Borkmann <dborkman@xxxxxxxxxx> > > Fixes: https://bugzilla.kernel.org/show_bug.cgi?id=88841 > > Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> > > --- > > I prefer to revert the original fix and replace it by the follow up to > > pass one single patch to -stable. > > I'm fine with the revert. No problem. It would be great if I can get some feedback on the alternative I'm proposing to resolve this (see patch 2/2 in this series). Thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
