ELBA-2023-0950
- ULN >
- Oracle Linux Errata repository >
- ELBA-2023-0950
ELBA-2023-0950 - nftables bug fix and enhancement update
| Type: | BUG |
| Severity: | NA |
| Release Date: | 2023-02-28 |
Description
[[1.0.4-9.el9]]
- tests: add a test case for map update from packet path with concat (Phil Sutter) [2094894]
- netlink_linearize: fix timeout with map updates (Phil Sutter) [2094894]
- netlink_delinearize: fix decoding of concat data element (Phil Sutter) [2094894]
[[1.0.4-8.el9]]
- monitor: Sanitize startup race condition (Phil Sutter) [2130721]
- evaluate: set eval ctx for add/update statements with integer constants (Phil Sutter) [2094894]
- src: allow anon set concatenation with ether and vlan (Phil Sutter) [2094887]
- evaluate: search stacked header list for matching payload dep (Phil Sutter) [2094887]
- netlink_delinearize: also postprocess OP_AND in set element context (Phil Sutter) [2094887]
- tests: add a test case for ether and vlan listing (Phil Sutter) [2094887]
- debug: dump the l2 protocol stack (Phil Sutter) [2094887]
- proto: track full stack of seen l2 protocols, not just cumulative offset (Phil Sutter) [2094887]
- netlink_delinearize: postprocess binary ands in concatenations (Phil Sutter) [2094887]
- netlink_delinearize: allow postprocessing on concatenated elements (Phil Sutter) [2094887]
- intervals: check for EXPR_F_REMOVE in case of element mismatch (Phil Sutter) [2115627]
- intervals: fix crash when trying to remove element in empty set (Phil Sutter) [2115627]
- scanner: don't pop active flex scanner scope (Phil Sutter) [2113874]
- parser: add missing synproxy scope closure (Phil Sutter) [2113874]
- tests/py: Add a test for failing ipsec after counter (Phil Sutter) [2113874]
- doc: Document limitations of ipsec expression with xfrm_interface (Phil Sutter) [1806431]
[[1.0.4-7.el9]]
- One more attempt at fixing expected error records (Phil Sutter) [1973687]
[[1.0.4-6.el9]]
- Realy fix expected error records (Phil Sutter) [1973687]
[[1.0.4-5.el9]]
- Fix expected error records (Phil Sutter) [1973687]
[[1.0.4-4.el9]]
- Add expected error records for testsuite runs (Phil Sutter) [1973687]
[[1.0.4-3.el9]]
- Prevent port-shadow attacks in sample nat config (Phil Sutter) [2061940]
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 9 (aarch64) | nftables-1.0.4-9.el9_1.src.rpm | 5870fc455a87e42ad7681808108d781b | - |
| nftables-1.0.4-9.el9_1.aarch64.rpm | 02d7ae688c9fcfe195b8f542426a228f | - | |
| nftables-devel-1.0.4-9.el9_1.aarch64.rpm | bc84654c26b09f5fe04cb63ab596a711 | - | |
| python3-nftables-1.0.4-9.el9_1.aarch64.rpm | 68073e80f7ebaa6f7d6bc921eca567aa | - | |
| Oracle Linux 9 (x86_64) | nftables-1.0.4-9.el9_1.src.rpm | 5870fc455a87e42ad7681808108d781b | - |
| nftables-1.0.4-9.el9_1.i686.rpm | 8ac0554b15141b66e6b1213329243609 | - | |
| nftables-1.0.4-9.el9_1.x86_64.rpm | a31de0497960338fa8bf2db190702927 | - | |
| nftables-devel-1.0.4-9.el9_1.i686.rpm | af0137890e9791f4c698a19b94b70b02 | - | |
| nftables-devel-1.0.4-9.el9_1.x86_64.rpm | 51d722ab00925112dc7eb8a42397419e | - | |
| python3-nftables-1.0.4-9.el9_1.x86_64.rpm | 6bf4402385699c35fd6d98bbe5d0513e | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
