|
About
Coreteam Contributors History License Thanks PGP key Projects iptables libnfnetlink libnetfilter_log libnetfilter_queue libnetfilter_conntrack conntrack-tools ipset nf-hipac patch-o-matic-ng ulogd Downloads SVN Repository ftp Server rsync Server News libnfnetlink release conntrack-tools 0.9.6 release libnetfilter_conntrack release iptables-1.4.0 Michael Rash's book libnetfilter_conntrack release iptables-1.4.0rc1 security announces libnetfilter_queue release libnfnetlink release conntrack-tools-0.9.5 release libnetfilter_conntrack release conntrack-tools-0.9.4 release libnetfilter_conntrack release iptables-1.3.8 conntrack-tools release libnetfilter_conntrack release Netfilter Workshop new PGP key Pablo Neira Ayuso joins core team library releases iptables-1.3.7 iptables-1.3.6 iptables-1.3.5 ulogd-1.24 ulogd-2.00beta1 library releases iptables-1.3.4 Yasuyuki Kozakai joins core team planet.netfilter.org conntrack-0.81 iptables-1.3.3 Documentation FAQ HOWTOs Events Tutorials Various other docs Security Information Mailing Lists List Rules netfilter-announce list netfilter list netfilter-devel list netfilter-failover list Contact bugzilla coreteam webmaster imprint / postal address Supporting netfilter Licensing Events Links Mirrors About website |
Security information by the netfilter projectUnfortunately, all software has bugs from time to time. Software bugs can really hurt in case the software is security software. In this section we will only cover userspace security problems. For kernel related issues, please refer to Linux kernel changelog files. Anyhow, we keep here old kernel security reports since linux 2.4.x for the record, but do not expect this section to be updated with kernel security issues.
This bug is only present in 2.6.x kernels. 2.4.x kernels are definitely not affected.
This bug has appeared only in the 2.4.20 kernel. It is not present in <= 2.4.19 or >= 2.4.21 kernels.
This bug has been fixed in the 2.4.21 kernel.
This bug has been fixed in the 2.4.20 (stable), and 2.5.32 (development) kernels.
This bug has not yet been fixed in any kernel. To work around this bug, either apply the patch provided with the advisory, or use the rule-based workaround as indicated in the advisory.
This bug has been fixed in the 2.4.18-pre9 kernel. If you need to run previous kernels, get the following patch.
A change in the semantics of the generic linked list handling code in the linux kernel has affected ingegrity of connection tracking. This bug has been fixed in the 2.4.11 kernel, and was not present in kernels up to 2.4.9. If you really need to run 2.4.10, get the latest iptables package and use patch-o-matic.
This bug has been fixed in the 2.4.11 kernel. If you need to run previous kernels, get the latest iptables package and use patch-o-matic.
This bug has been fixed in the 2.4.FIXME kernel. If you need to run previous kernels, get the latest iptables package and use patch-o-matic. |
