diff --git a/iproute2-2.6.15-060110.dif b/iproute2-2.6.15-060110.dif
index b9575c9..75c5e7b 100644
--- a/iproute2-2.6.15-060110.dif
+++ b/iproute2-2.6.15-060110.dif
@@ -1,5 +1,16 @@
+--- include/iptables.h
++++ include/iptables.h	2007/02/08 12:49:21
+@@ -18,7 +18,7 @@
+ 
+ struct ipt_get_revision
+ {
+-	char name[IPT_FUNCTION_MAXNAMELEN-1];
++	char name[IPT_FUNCTION_MAXNAMELEN];
+ 
+ 	u_int8_t revision;
+ };
 --- lib/utils.c
-+++ lib/utils.c	2006/07/20 12:57:52
++++ lib/utils.c	2007/02/08 12:52:41
 @@ -33,6 +33,10 @@
  
  #include "utils.h"
@@ -11,3 +22,14 @@
  int get_integer(int *val, const char *arg, int base)
  {
  	long res;
+@@ -330,8 +334,8 @@
+ 
+ int inet_addr_match(const inet_prefix *a, const inet_prefix *b, int bits)
+ {
+-	__u32 *a1 = a->data;
+-	__u32 *a2 = b->data;
++	__u32 *a1 = (__u32*)a->data;
++	__u32 *a2 = (__u32*)b->data;
+ 	int words = bits >> 0x05;
+ 
+ 	bits &= 0x1f;
diff --git a/iproute2.changes b/iproute2.changes
index 5c06b21..c6dde54 100644
--- a/iproute2.changes
+++ b/iproute2.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Thu Feb  8 13:54:17 CET 2007 - ms@suse.de
+
+- fixed array size of name string in iptables.h (#243281)
+  array of size IPT_FUNCTION_MAXNAMELEN - 1 is referenced
+  at element IPT_FUNCTION_MAXNAMELEN - 1 which is outside the
+  array bounds
+
 -------------------------------------------------------------------
 Mon Jan 29 11:00:08 CET 2007 - ms@suse.de
 
diff --git a/iproute2.spec b/iproute2.spec
index e682ee4..90817e1 100644
--- a/iproute2.spec
+++ b/iproute2.spec
@@ -18,7 +18,7 @@ Group:          Productivity/Networking/Routing
 Provides:       iproute 
 Autoreqprov:    on
 Version:        2.6.15
-Release:        50
+Release:        52
 Summary:        Advanced Routing
 URL:            http://developer.osdl.org/dev/iproute2/
 Source0:        %name-%version-%dateversion.tar.bz2
@@ -114,6 +114,11 @@ rm -rf $RPM_BUILD_ROOT
 %_libdir/lib*
 
 %changelog -n iproute2
+* Thu Feb 08 2007 - ms@suse.de
+- fixed array size of name string in iptables.h (#243281)
+  array of size IPT_FUNCTION_MAXNAMELEN - 1 is referenced
+  at element IPT_FUNCTION_MAXNAMELEN - 1 which is outside the
+  array bounds
 * Mon Jan 29 2007 - ms@suse.de
 - fixed wrong IPT_LIB_DIR value and replaced the code by a
   dynamic check for the /usr/%%lib/iptables directory (#238886)