[pkg-netfilter-team] Bug#888442: Bug#888442: [nftables] Crash when list(ing) ip6tables-compat CT rules
Arturo Borrero Gonzalez
arturo at debian.org
Tue Feb 6 16:03:05 UTC 2018
Control: fixed -1 0.8.2-1
On 25 January 2018 at 17:33, Charlemagne Lasse
<charlemagnelasse at gmail.com> wrote:
> Package: nftables
> Version: 0.7-1
> Severity: important
>
> The nft list crashes when an ip6tables-compat CT rule is found also in
> iptables-compat. This is either an assert with 0.7-1 or a segfault
> with 0.8-2~bpo9+1.
This is fixed by this commit:
=== 8< ===
commit b4c7117ef552d0d71bde1db4a047b4c005699951
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Sat Jan 20 13:38:55 2018 +0100
Revert ("src: Remove xt_stmt_() functions").
Revert commit bce55916b51ec1a4c23322781e3b0c698ecc9561, we need this
code in place to properly make translation when iptables-compat loads
rules.
Reported-by: Duncan Roe <duncan_roe at optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
=== 8< ===
This commit is included in the v0.8.2 release.
More information about the pkg-netfilter-team
mailing list