[Bug 1413242] [NEW] ipset (trusty) fails to support large timeouts; known issue -- patch available
darx
darx at sent.com
Wed Jan 21 14:53:34 UTC 2015
*** This bug is a security vulnerability ***
Public security bug reported:
current trusty ships ipset v 6.20.1-1
(http://packages.ubuntu.com/trusty/ipset).
this version fails to support large timeouts, arbitrarily & incorrectly
changing set timeout values on x86_64.
in effect, a security-relaed paramenter is set by admin, and it's either
ignored or changed arbitrarily.
it's apparently a known issue,
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=764328%3E
http://marc.info/?l=netfilter-devel&m=141293197611273&w=2
http://marc.info/?l=netfilter-devel&m=141351695203549&w=2
with a fix already in upstream for (iiuc) v > 6.23.x.
could we get a packaged version for trusty that either
(1) applies the patch
(2) backports the current ipset version, 6.24?
thanks.
** Affects: ipset (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ipset in Ubuntu.
https://bugs.launchpad.net/bugs/1413242
Title:
ipset (trusty) fails to support large timeouts; known issue -- patch
available
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipset/+bug/1413242/+subscriptions
More information about the Ubuntu-server-bugs
mailing list