From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Florian Westphal <fw@strlen.de>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation
Date: Tue, 12 Apr 2016 23:54:44 +0200 [thread overview]
Message-ID: <20160412215444.GA20837@salvia> (raw)
In-Reply-To: <20160408115905.GA7001@breakpoint.cc>
On Fri, Apr 08, 2016 at 01:59:05PM +0200, Florian Westphal wrote:
> > I'm starting to consider that, given that this has been broken since
> > day 1, we pass this through nf-next and then later on we request
> > inclusion for -stable.
>
> Fine with me.
Florian, I'm going to send a pull request to David, then resync and
place this into nf-next. But first I'm going to send a pull request
with the little stuff I have in that tree.
next prev parent reply other threads:[~2016-04-12 21:54 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-01 12:17 [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation Florian Westphal
2016-04-01 12:17 ` [PATCH nf 01/17] netfilter: x_tables: don't move to non-existent next rule Florian Westphal
2016-04-01 12:17 ` [PATCH nf 02/17] netfilter: x_tables: validate targets of jumps Florian Westphal
2016-04-01 12:24 ` Jan Engelhardt
2016-04-01 12:17 ` [PATCH nf 03/17] netfilter: x_tables: add and use xt_check_entry_offsets Florian Westphal
2016-04-01 12:17 ` [PATCH nf 04/17] netfilter: x_tables: kill check_entry helper Florian Westphal
2016-04-01 12:17 ` [PATCH nf 05/17] netfilter: x_tables: assert minimum target size Florian Westphal
2016-04-01 12:17 ` [PATCH nf 06/17] netfilter: x_tables: add compat version of xt_check_entry_offsets Florian Westphal
2016-04-01 12:17 ` [PATCH nf 07/17] netfilter: x_tables: check standard target size too Florian Westphal
2016-04-01 12:17 ` [PATCH nf 08/17] netfilter: x_tables: check for bogus target offset Florian Westphal
2016-04-01 12:17 ` [PATCH nf 09/17] netfilter: x_tables: validate all offsets and sizes in a rule Florian Westphal
2016-04-01 12:17 ` [PATCH nf 10/17] netfilter: ip_tables: simplify translate_compat_table args Florian Westphal
2016-04-01 12:17 ` [PATCH nf 11/17] netfilter: ip6_tables: " Florian Westphal
2016-04-01 12:17 ` [PATCH nf 12/17] netfilter: arp_tables: " Florian Westphal
2016-04-01 12:17 ` [PATCH nf 13/17] netfilter: x_tables: xt_compat_match_from_user doesn't need a retval Florian Westphal
2016-04-01 12:17 ` [PATCH nf 14/17] netfilter: x_tables: do compat validation via translate_table Florian Westphal
2016-04-01 12:17 ` [PATCH nf 15/17] netfilter: x_tables: remove obsolete overflow check for compat case too Florian Westphal
2016-04-01 12:17 ` [PATCH nf 16/17] netfilter: x_tables: remove obsolete check Florian Westphal
2016-04-01 12:17 ` [PATCH nf 17/17] netfilter: x_tables: introduce and use xt_copy_counters_from_user Florian Westphal
2016-04-01 12:52 ` kbuild test robot
2016-04-01 13:06 ` kbuild test robot
2016-04-01 13:33 ` kbuild test robot
2016-04-01 13:37 ` [PATCH v2 " Florian Westphal
2016-04-08 11:58 ` [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation Pablo Neira Ayuso
2016-04-08 11:59 ` Florian Westphal
2016-04-12 21:54 ` Pablo Neira Ayuso [this message]
2016-04-13 22:33 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160412215444.GA20837@salvia \
--to=pablo@netfilter.org \
--cc=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.