ACK: [SRU][O/J][PATCH 0/1] Fix ip6tables-restore failure
Roxana Nicolescu
roxana.nicolescu at canonical.com
Wed Dec 18 08:46:27 UTC 2024
On 18/12/2024 09:32, Koichiro Den wrote:
> BugLink: https://bugs.launchpad.net/bugs/2091990
>
> SRU Justification
>
> [Impact]
>
> Upstream commit 0bfcb7b71e73 ("netfilter: xtables: avoid NFPROTO_UNSPEC
> where needed") was backported to Oracular and Jammy kernels via stable
> upstream update (v6.11.4 and v5.15.168 respectively; see LP: #2089068 and
> LP: #2086242). However this commit contained a typo, resulting in serious
> regressions (see: LP: #2091990). Although a fix has been submitted
> upstream, neither Oracular nor Jammy kernels include it yet. This SRU patch
> backports the fix to address the issue.
>
> Note that for Oracular, no released kernel is not affected; only the
> master-next branch is affected.
>
> [Fix]
>
> Backport upstream commit 306ed1728e84 ("netfilter: xtables: fix typo
> causing some targets not to load on IPv6") based on the commits from stable
> branches.
>
> [Test Plan]
>
> Verify the issue is resolved with this patch applied, using internal
> infrastructure.
>
> [Where problems could occur]
>
> This change impacts netfilter. If any further regressions found, they would
> likely impact netfilter users.
>
>
> Pablo Neira Ayuso (1):
> netfilter: xtables: fix typo causing some targets not to load on IPv6
>
> net/netfilter/xt_NFLOG.c | 2 +-
> net/netfilter/xt_TRACE.c | 1 +
> net/netfilter/xt_mark.c | 2 +-
> 3 files changed, 3 insertions(+), 2 deletions(-)
>
Acked-by: Roxana Nicolescu <roxana.nicolescu at canonical.com>
More information about the kernel-team
mailing list