[Bug 2069596] Re: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order)
Google has assigned CVE-2024-6284 to describe this issue. Many thanks to Michael from upstream for the assignment and to Cyril for raising the need \o/ The fix for https://github.com/google/nftables/issues/225 is https://github.com/google/nftables/commit/d746ecb0e494e7200180c3886fde9664d9100729 ** Bug watch added: github.com/google/nftables/issues #225 https://github.com/google/nftables/issues/225 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-6284 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069596 Title: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069596] Re: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order)
** Changed in: crowdsec-firewall-bouncer (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069596 Title: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069596] Re: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order)
Everything is in my initial report really… see what got merged into Debian 12 for last week's point release… -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069596 Title: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069596] Re: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order)
Cyril, upstream has agreed to assign a CVE. That will alert the Go ecosystem and distros to the issue and fix \o/ I will update you when I learn more. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069596 Title: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 2069596] Re: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order)
Hi, Mark Esler <2069...@bugs.launchpad.net> (2024-06-19): > Thank you for taking the time to report this Cyril. No worries at all. > Do you know if Google intends to assign a CVE? That I don't know, I've been mainly in contact with CrowdSec's upstream developers (who notified me about the problem with the Debian/Ubuntu packages) and with the various Debian teams to see how to best address this in stable (i.e. security then release teams). Note the google/nftables issue was detected and fixed a year ago already, we just failed to notice earlier. :( Cheers, -- Cyril Brulebois -- Debian Consultant @ DEBAMAX -- https://debamax.com/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069596 Title: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069596] Re: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order)
Thank you for taking the time to report this Cyril. Do you know if Google intends to assign a CVE? ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069596 Title: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs