iptables: patch CVE-2019-11360 (security fix)

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>

package/network/utils/iptables/Makefile

@@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=iptables
 PKG_VERSION:=1.6.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://git.netfilter.org/iptables

package/network/utils/iptables/patches/900-fix-cve-2019-11360.patch

@@ -0,0 +1,13 @@
+--- a/iptables/iptables-restore.c
++++ b/iptables/iptables-restore.c
+@@ -129,6 +129,10 @@ static void add_param_to_argv(char *pars
+ 	 * longer a real hacker, but I can live with that */
+ 
+ 	for (curchar = parsestart; *curchar; curchar++) {
++		if (param_len >= sizeof(param_buffer))
++			xtables_error(PARAMETER_PROBLEM,
++			"Parameter too long!");
++
+ 		if (quote_open) {
+ 			if (escaped) {
+ 				param_buffer[param_len++] = *curchar;