All of lore.kernel.org
 help / color / mirror / Atom feed
From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org, kuba@kernel.org,
	pabeni@redhat.com, edumazet@google.com
Subject: [PATCH net 0/6] Netfilter fixes for net
Date: Tue, 27 Jun 2023 08:52:58 +0200	[thread overview]
Message-ID: <20230627065304.66394-1-pablo@netfilter.org> (raw)

Hi,

The following patchset contains Netfilter fixes for net:

1) Reset shift on Boyer-Moore string match for each block,
   from Jeremy Sowden.

2) Fix acccess to non-linear area in DCCP conntrack helper,
   from Florian Westphal.

3) Fix kernel-doc warnings, by Randy Dunlap.

4) Bail out if expires= does not show in SIP helper message,
   or make ct_sip_parse_numerical_param() tristate and report
   error if expires= cannot be parsed.

5) Unbind non-anonymous set in case rule construction fails.

6) Fix underflow in chain reference counter in case set element
   already exists or it cannot be created.

Please, pull these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git nf-23-06-27

Thanks.

----------------------------------------------------------------

The following changes since commit 6709d4b7bc2e079241fdef15d1160581c5261c10:

  net: nfc: Fix use-after-free caused by nfc_llcp_find_local (2023-06-26 10:57:23 +0100)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git tags/nf-23-06-27

for you to fetch changes up to b389139f12f287b8ed2e2628b72df89a081f0b59:

  netfilter: nf_tables: fix underflow in chain reference counter (2023-06-26 17:18:55 +0200)

----------------------------------------------------------------
netfilter pull request 23-06-27

----------------------------------------------------------------
Florian Westphal (1):
      netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one

Ilia.Gavrilov (1):
      netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.

Jeremy Sowden (1):
      lib/ts_bm: reset initial match offset for every block of text

Pablo Neira Ayuso (2):
      netfilter: nf_tables: unbind non-anonymous set if rule construction fails
      netfilter: nf_tables: fix underflow in chain reference counter

Randy Dunlap (1):
      linux/netfilter.h: fix kernel-doc warnings

 include/linux/netfilter.h               |  4 +--
 lib/ts_bm.c                             |  4 ++-
 net/netfilter/nf_conntrack_proto_dccp.c | 52 +++++++++++++++++++++++++++++++--
 net/netfilter/nf_conntrack_sip.c        |  2 +-
 net/netfilter/nf_tables_api.c           |  6 +++-
 5 files changed, 60 insertions(+), 8 deletions(-)

             reply	other threads:[~2023-06-27  6:53 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-06-27  6:52 Pablo Neira Ayuso [this message]
2023-06-27  6:52 ` [PATCH net 1/6] lib/ts_bm: reset initial match offset for every block of text Pablo Neira Ayuso
2023-06-27 11:00   ` patchwork-bot+netdevbpf
2023-06-27  6:53 ` [PATCH net 2/6] netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one Pablo Neira Ayuso
2023-06-27  6:53 ` [PATCH net 3/6] linux/netfilter.h: fix kernel-doc warnings Pablo Neira Ayuso
2023-06-27  6:53 ` [PATCH net 4/6] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value Pablo Neira Ayuso
2023-06-27  6:53 ` [PATCH net 5/6] netfilter: nf_tables: unbind non-anonymous set if rule construction fails Pablo Neira Ayuso
2023-06-27  6:53 ` [PATCH net 6/6] netfilter: nf_tables: fix underflow in chain reference counter Pablo Neira Ayuso
  -- strict thread matches above, loose matches on Subject: below --
2024-05-22 23:13 [PATCH net 0/6] Netfilter fixes for net Pablo Neira Ayuso
2024-04-04 10:43 Pablo Neira Ayuso
2024-01-31 22:59 Pablo Neira Ayuso
2024-01-24 19:12 Pablo Neira Ayuso
2023-12-06 18:03 Pablo Neira Ayuso
2023-11-15 18:45 Pablo Neira Ayuso
2023-07-05 23:04 Pablo Neira Ayuso
2022-02-10 23:10 Pablo Neira Ayuso
2022-02-04 15:18 Pablo Neira Ayuso
2021-07-23 15:54 Pablo Neira Ayuso

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20230627065304.66394-1-pablo@netfilter.org \
    --to=pablo@netfilter.org \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=kuba@kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=pabeni@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.