Package iptables updated to version 1.8.3-alt1 for branch sisyphus in task 229848.

Published: 2014-02-15
Modified: 2023-11-07

CVE-2012-2663

extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.

Severity: HIGH (7.5)

References:

[netfilter-devel] 20120330 Re: `iptables -m tcp --syn` doesn't do what the man says
https://bugzilla.redhat.com/show_bug.cgi?id=826702

Обновить iptables до версии > 1.6.0

Version: 2.1.0

Package iptables update in sisyphus on 2019-05-29

ALT-PU-2019-1927-1

Closed vulnerabilities

CVE-2012-2663

Closed bugs

Bug #36371