Here's the patch I propose to add to the package. I've filed a bug report with the stable release managers to explain the situation and ask them to accept an update.
J.
Last-Update: 2022-07-10 Forwarded: not-needed Author: Jeremy Sowden <jer...@azazel.net> Bug-Debian: https://bugs.debian.org/1014680 Description: pass correct argument to `security_skb_classify_flow` The second parameter was changed in 5.11. This change has since been back-ported to 5.10.121 and included in Debian 11.4. . This patch contains the upstream fix. --- a/extensions/xt_ECHO.c +++ b/extensions/xt_ECHO.c @@ -97,7 +97,11 @@ memcpy(&fl.daddr, &newip->daddr, sizeof(fl.daddr)); fl.fl6_sport = newudp->source; fl.fl6_dport = newudp->dest; +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 121) + security_skb_classify_flow((struct sk_buff *)oldskb, flowi6_to_flowi_common(&fl)); +#else security_skb_classify_flow((struct sk_buff *)oldskb, flowi6_to_flowi(&fl)); +#endif dst = ip6_route_output(net, NULL, &fl); if (dst == NULL || dst->error != 0) { dst_release(dst);
signature.asc
Description: PGP signature
