Your message dated Sun, 29 Jan 2023 12:14:31 +0000 with message-id <[email protected]> and subject line Bug#932880: fixed in nftables 1.0.6-2 has caused the Debian Bug report #932880, regarding invalid octals silently parsed as zero to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 932880: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932880 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: nftables Version: 0.9.1-2 Severity: important I was aligning literal numbers with leading zeroes (instead of spaces). I found that nft treats "010" as an octal number, i.e. 010 = 8. Fine. But nft also thinks that 099 = 0! nft should error out when it encounters such an invalid octal. A simple example ruleset is shown below. #!/usr/sbin/nft --file flush ruleset add table x add chain x y add rule x y ip saddr 9 continue comment "parsed as 0.0.0.9/32" add rule x y ip saddr 09 continue comment "parsed as 0.0.0.0/32" ## This one generates an error, because "1 - 0" is an invalid interval. #add rule x y ip saddr { 01 - 09 } continue list chain x y -- System Information: Debian Release: 10.0 APT prefers stable APT policy: (990, 'stable'), (500, 'proposed-updates'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---Source: nftables Source-Version: 1.0.6-2 Done: Arturo Borrero Gonzalez <[email protected]> We believe that the bug you reported is fixed in the latest version of nftables, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Arturo Borrero Gonzalez <[email protected]> (supplier of updated nftables package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 29 Jan 2023 12:33:00 +0100 Source: nftables Architecture: source Version: 1.0.6-2 Distribution: unstable Urgency: medium Maintainer: Debian Netfilter Packaging Team <[email protected]> Changed-By: Arturo Borrero Gonzalez <[email protected]> Closes: 932880 Changes: nftables (1.0.6-2) unstable; urgency=medium . [ Jeremy Sowden ] * [5e89bdc] d/patches: add patch to fix handling of invalid octal strings (Closes: #932880) * [df007f6] d/control: bump Standards-Version to 4.6.2 Checksums-Sha1: 0439f5ce9038e2bce256d14c2fb7a3e94b88ed6a 2468 nftables_1.0.6-2.dsc b16dded019261a5aec2bfca377a7dc7624b24824 22036 nftables_1.0.6-2.debian.tar.xz 9d1a027461afe227e37f0fcdcf7e6d79897c873f 8704 nftables_1.0.6-2_amd64.buildinfo Checksums-Sha256: f06eb633b6dd582e3b294a87fb15e5ffd7e9f67ca6c4b3364ac70631959bdffb 2468 nftables_1.0.6-2.dsc 3f6ccfd466c73bcb200b785900f26e5aa212d831078c8ccfb1ce65be1f079148 22036 nftables_1.0.6-2.debian.tar.xz d7529b8e9e3345c6bcef4e5f4b8e2f45a016fe8b4c72b63b7ab79ef7befbad6d 8704 nftables_1.0.6-2_amd64.buildinfo Files: e35b1f8cf7dc43bc5f5cd5d464e6dfdd 2468 net important nftables_1.0.6-2.dsc 007bb35a1fdc58c25cc1fd7cbe34b45c 22036 net important nftables_1.0.6-2.debian.tar.xz 5d6ce1114821d4543390e33a16567a80 8704 net important nftables_1.0.6-2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJGBAEBCgAwFiEE3ZhhqyPcMzOJLgepaOcTmB0VFfgFAmPWWjwSHGFydHVyb0Bk ZWJpYW4ub3JnAAoJEGjnE5gdFRX4iKUP/3CBxJw3wKONHfcaryKicEZIW+Eg4Fln Fp/omy/4UU0h+ApOROSgUkRK/UanLplgjFb+uRv3AR01Hh9pqTKaDZSU6MdeUhuL BBpQpGqW5ANXMvv22P0NwdpPhZP7K4L2SWnyxj0gxK4LTcgl8QCwVU8dkiSecKiW PfqyCCcyq/hc9RRKZCCPMCSgJmmVTjhsm3R1ccEA01oWdgX3nEmpt76XeGAlysJl LM2bnlM50v3KEh8vlYyy8RsUsulvFob8PTkFaJC//j3NAJgKmh4/KBu3de6Kwzfi HB4g/lTlwufzsUvZSWHhGdlHaETiLuAJ+B5BcRsxCrF2l06MK9fxbja8XlmWPBZo ho1lkNt4fWnr7mTxeffk8VWkHbreCXRQCJG47YGBLvXLFSPV+4b9WsJHNo24h+Bv c1i2JNhe3sng190q2T1hdY5yPkZjEW8UFiBUhj1E+4Mttf+8bViqHfbGYjj5fNQK HzAO5GdQh3IPLp0J3efhD0t05SNS7hi/7xe7b8Ucos0dpD9RLEajvZ415TDNaxxU Djp/OYnBqn3gLmLAII2YGrZisfflRGdELBOsEXfWGKcgOjb9gyFXaVyzg1RQMhZW Njo2nXRUlRyfCn00p6yzu58xT58BR254vsAQedou+UkKq1oEC5AXh+uEKkyli1dQ bx7EQWhwvaUX =UOTf -----END PGP SIGNATURE-----
--- End Message ---
