Package "neutron-common"

Name: neutron-common


Neutron is a virtual network service for Openstack - common

Latest version: 2:12.1.1-0ubuntu8.1
Release: bionic (18.04)
Level: security
Repository: main
Head package: neutron


Download "neutron-common"

Other versions of "neutron-common" in Bionic

Repository Area Version
base main 2:12.0.1-0ubuntu1
updates main 2:12.1.1-0ubuntu8.1


Version: 2:12.1.1-0ubuntu8.1 2023-05-10 13:07:10 UTC

  neutron (2:12.1.1-0ubuntu8.1) bionic-security; urgency=medium

  * SECURITY UPDATE: IPv6 impersonation in Open vSwitch firewall rules
    - debian/patches/CVE-2021-20267-1.patch: allow egress ICMPv6 only for
      known addresses in
    - debian/patches/CVE-2021-20267-2.patch: restrict IPv6 NA and DHCP(v6)
      IP and MAC source addresses in neutron/agent/firewall.py,
    - CVE-2021-20267
  * SECURITY UPDATE: hardware address impersonation with ebtables-nft
    - debian/patches/CVE-2021-38598.patch: make ARP protection commands
      compatible with "ebtables-nft" in
    - CVE-2021-38598
  * SECURITY UPDATE: dnsmasq reconfiguration issue
    - debian/patches/CVE-2021-40085.patch: remove dhcp_extra_opt value
      after first newline character in neutron/agent/linux/dhcp.py,
    - CVE-2021-40085
  * SECURITY UPDATE: memory consumption via API requests
    - debian/patches/CVE-2021-40797.patch: don't use singleton in
      routes.middleware.RoutesMiddleware in neutron/api/extensions.py.
    - CVE-2021-40797
  * SECURITY UPDATE: uncontrolled resource consumption flaw
    - debian/patches/CVE-2022-3277.patch: do not allow a tenant to create a
      default SG for another one in neutron/db/securitygroups_db.py,
    - CVE-2022-3277

 -- Marc Deslauriers <email address hidden> Tue, 18 Apr 2023 11:23:51 -0400

CVE-2021-20267 A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server inst
CVE-2021-38598 OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft i
CVE-2021-40085 An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsma
CVE-2021-40797 An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API reques
CVE-2022-3277 An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security gr

About   -   Send Feedback to @ubuntu_updates