backport-set-Do-not-leave-free-d-expr_list-elements-in-place.patch

@@ -1,69 +0,0 @@
-From 2d83a7d4f58fbf6eaa9aeace49c78d91a86a3b28 Mon Sep 17 00:00:00 2001
-From: Phil Sutter <phil@nwl.cc>
-Date: Wed, 31 May 2023 14:09:09 +0200
-Subject: [PATCH] set: Do not leave free'd expr_list elements in place
-
-When freeing elements, remove them also to prevent a potential UAF.
-
-Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1685
-Fixes: 3469f09286cee ("src: add NFTNL_SET_EXPRESSIONS")
-Signed-off-by: Phil Sutter <phil@nwl.cc>
----
- src/set.c | 16 ++++++++++++----
- 1 file changed, 12 insertions(+), 4 deletions(-)
-
-diff --git a/src/set.c b/src/set.c
-index c46f827..719e596 100644
---- a/src/set.c
-+++ b/src/set.c
-@@ -54,8 +54,10 @@ void nftnl_set_free(const struct nftnl_set *s)
- 	if (s->flags & (1 << NFTNL_SET_USERDATA))
- 		xfree(s->user.data);
- 
--	list_for_each_entry_safe(expr, next, &s->expr_list, head)
-+	list_for_each_entry_safe(expr, next, &s->expr_list, head) {
-+		list_del(&expr->head);
- 		nftnl_expr_free(expr);
-+	}
- 
- 	list_for_each_entry_safe(elem, tmp, &s->element_list, head) {
- 		list_del(&elem->head);
-@@ -105,8 +107,10 @@ void nftnl_set_unset(struct nftnl_set *s, uint16_t attr)
- 		break;
- 	case NFTNL_SET_EXPR:
- 	case NFTNL_SET_EXPRESSIONS:
--		list_for_each_entry_safe(expr, tmp, &s->expr_list, head)
-+		list_for_each_entry_safe(expr, tmp, &s->expr_list, head) {
-+			list_del(&expr->head);
- 			nftnl_expr_free(expr);
-+		}
- 		break;
- 	default:
- 		return;
-@@ -210,8 +214,10 @@ int nftnl_set_set_data(struct nftnl_set *s, uint16_t attr, const void *data,
- 		s->user.len = data_len;
- 		break;
- 	case NFTNL_SET_EXPR:
--		list_for_each_entry_safe(expr, tmp, &s->expr_list, head)
-+		list_for_each_entry_safe(expr, tmp, &s->expr_list, head) {
-+			list_del(&expr->head);
- 			nftnl_expr_free(expr);
-+		}
- 
- 		expr = (void *)data;
- 		list_add(&expr->head, &s->expr_list);
-@@ -742,8 +748,10 @@ int nftnl_set_nlmsg_parse(const struct nlmsghdr *nlh, struct nftnl_set *s)
- 
- 	return 0;
- out_set_expr:
--	list_for_each_entry_safe(expr, next, &s->expr_list, head)
-+	list_for_each_entry_safe(expr, next, &s->expr_list, head) {
-+		list_del(&expr->head);
- 		nftnl_expr_free(expr);
-+	}
- 
- 	return -1;
- }
--- 
-2.27.0
-

libnftnl.spec

@@ -1,12 +1,10 @@
 Name: libnftnl
-Version: 1.2.6
+Version: 1.2.1
-Release: 2
+Release: 1
 Summary: Library for low-level interaction with nftables Netlink's API over libmnl
 License: GPLv2+
 URL: http://netfilter.org/projects/libnftnl/
-Source0: http://netfilter.org/projects/libnftnl/files/%{name}-%{version}.tar.xz
+Source0: http://netfilter.org/projects/libnftnl/files/%{name}-%{version}.tar.bz2
-
-Patch6000:     backport-set-Do-not-leave-free-d-expr_list-elements-in-place.patch
 
 BuildRequires: libmnl-devel jansson-devel gcc
 
@@ -53,33 +51,6 @@ make %{?_smp_mflags} check
 %{_includedir}/libnftnl
 
 %changelog
-* Tue Sep 05 2023 shixuantong <shixuantong1@huawei.com> - 1.2.6-2 
-- Type:bugfix
-- ID:NA
-- SUG:NA
-- DESC:set: Do not leave free'd expr_list elements in place
-
-* Mon Jul 17 2023 zhangchenglin <zhangchenglin@kylinos.cn> - 1.2.6-1
-- Type:enhancement
-- ID:NA
-- SUG:NA
-- DESC:update version to 1.2.6
-
-* Sat Apr 01 2023 shixuantong <shixuantong1@huawei.com> - 1.2.5-1
-- Type:enhancement
-- ID:NA
-- SUG:NA
-- DESC:update version to 1.2.5
-
-* Thu Nov 17 2022 fuanan <fuanan3@h-partners.com> - 1.2.4-1
-- Type:enhancement
-- ID:NA
-- SUG:NA
-- DESC:update version to 1.2.4
-
-* Tue Oct 25 2022 yanglongkang <yanglongkang@h-partners.com> - 1.2.1-2
-- rebuild for next release
-
 * Tue Mar 29 2022 panxiaohe <panxh.life@foxmail.com> - 1.2.1-1
 - update to 1.2.1