Hi!

The Netfilter project proudly presents:

        iptables 1.8.12

This release contains the following fixes:

* Fix null dereference parsing bitwise operations.
* Refuse to run under file capabilities, i.e. getauxval(AT_SECURE).
* Fix for all-zero mask on Big Endian in arptables-nft.
* Support adding and replacing a rule in the same batch in iptables-nft.

    *filter
    -A FORWARD -m comment --comment "new rule being replaced"
    -R FORWARD 1 -m comment --comment "new replacing rule"
    COMMIT

* Print -X in xtables-monitor command for base chains.
* Remove incorrect libebt_redirect translations.
* Translate bare '-m sctp' match to '-p sctp' just like TCP and UDP.
* Support for info-request and info-reply icmp types.
* Fix interface comparisons in `-C` commands in iptables-nft.
* Several fixes for ip[6]tables-translate, the tool to ease migration
  to nftables.
* Document flush behaviour with --noflush for user-defined chains.

See changelog for more details (attached to this email).

You can download this new release from:

https://www.netfilter.org/projects/iptables/downloads.html
https://www.netfilter.org/pub/iptables/

To build the code, libnftnl >= 1.2.6 is required:

http://netfilter.org/projects/libnftnl/downloads.html

In case of bugs and feature requests, file them via:

https://bugzilla.netfilter.org

Happy firewalling.

P.S.: The tarball and website update have been available since yesterday;
I could not deliver this cover letter until today, apologies for this delay.