From: Pablo Neira Ayuso <pa...@netfilter.org> Date: Mon, 28 Mar 2016 19:57:53 +0200
> The following patchset contains Netfilter fixes for you net tree, > they are: ... > This batch comes with four patches to validate x_tables blobs coming > from userspace. CONFIG_USERNS exposes the x_tables interface to > unpriviledged users and to be honest this interface never received the > attention for this move away from the CAP_NET_ADMIN domain. Florian is > working on another round with more patches with more sanity checks, so > expect a bit more Netfilter fixes in this development cycle than usual. > > You can pull these changes from: > > git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git Looks good, pulled, thanks Pablo!
