|
About
Coreteam Contributors History License Thanks PGP key Projects iptables nftables libnfnetlink libnetfilter_acct libnetfilter_log libnetfilter_queue libnetfilter_conntrack libnetfilter_cttimeout libnetfilter_cthelper conntrack-tools libmnl nfacct ipset nf-hipac patch-o-matic-ng ulogd xtables-addons Downloads git Repository ftp Server rsync Server News libnetfilter_conntrack 1.0.3 released iptables 1.4.18 released ulogd 2.0.2 released nfacct 1.0.1 released conntrack-tools 1.4.1 released libnetfilter_acct 1.0.2 released iptables 1.4.17 released New ulogd2 maintainer Netfilter core team updates iptables 1.4.16.3 released libnetfilter_acct 1.0.1 released libnetfilter_cthelper 1.0.0 released ulogd 2.0.1 released conntrack-tools 1.4.0 released libnetfilter_queue 1.0.2 released libnetfilter_conntrack 1.0.2 released libnfnetlink 1.0.1 released iptables 1.4.16.2 released iptables 1.4.16.1 released iptables 1.4.16 released conntrack-tools 1.2.2 released iptables 1.4.15 released ulogd 2.0.0 released conntrack-tools 1.2.1 released libmnl 1.0.3 released iptables 1.4.14 released conntrack-tools 1.2.0 released libnetfilter_cttimeout 1.0.0 released libnetfilter_conntrack 1.0.1 released security notice on conntrack helpers iptables 1.4.13 released nfacct 1.0.0 released libnetfilter_acct 1.0.0 released conntrack-tools 1.0.1 released libnetfilter_conntrack 1.0.0 released libnetfilter_log 1.0.1 released libnetfilter_queue 1.0.1 released libmnl 1.0.2 released iptables 1.4.12.2 released iptables 1.4.12.1 released new PGP keys iptables 1.4.12 released iptables 1.4.11.1 released iptables 1.4.11 released conntrack-tools 1.0.0 released libnetfilter_conntrack 0.9.1 released Documentation FAQ HOWTOs Events Tutorials Various other docs Security Information Mailing Lists List Rules netfilter-announce list netfilter list netfilter-devel list netfilter-failover list Contact bugzilla coreteam webmaster imprint / postal address Supporting netfilter Licensing Events Links Mirrors About website |
Security information by the netfilter projectUnfortunately, all software has bugs from time to time. Software bugs can really hurt in case the software is security software. In this section we will only cover userspace security problems. For kernel related issues, please refer to Linux kernel changelog files. Anyhow, we keep here old kernel security reports since linux 2.4.x for the record, but do not expect this section to be updated with kernel security issues.
This bug is only present in 2.6.x kernels. 2.4.x kernels are definitely not affected.
This bug has appeared only in the 2.4.20 kernel. It is not present in <= 2.4.19 or >= 2.4.21 kernels.
This bug has been fixed in the 2.4.21 kernel.
This bug has been fixed in the 2.4.20 (stable), and 2.5.32 (development) kernels.
This bug has not yet been fixed in any kernel. To work around this bug, either apply the patch provided with the advisory, or use the rule-based workaround as indicated in the advisory.
This bug has been fixed in the 2.4.18-pre9 kernel. If you need to run previous kernels, get the following patch.
A change in the semantics of the generic linked list handling code in the linux kernel has affected ingegrity of connection tracking. This bug has been fixed in the 2.4.11 kernel, and was not present in kernels up to 2.4.9. If you really need to run 2.4.10, get the latest iptables package and use patch-o-matic.
This bug has been fixed in the 2.4.11 kernel. If you need to run previous kernels, get the latest iptables package and use patch-o-matic.
This bug has been fixed in the 2.4.FIXME kernel. If you need to run previous kernels, get the latest iptables package and use patch-o-matic. |
