Package "openvswitch"

Name: openvswitch


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Open vSwitch public key infrastructure dependency package
  • Open vSwitch test package
  • Simple controller for testing OpenFlow setups
  • Open vSwitch VTEP utilities

Latest version: 2.9.7-0ubuntu0.18.04.2
Release: bionic (18.04)
Level: security
Repository: universe


Other versions of "openvswitch" in Bionic

Repository Area Version
base universe 2.9.0-0ubuntu1
base main 2.9.0-0ubuntu1
security main 2.9.7-0ubuntu0.18.04.2
updates universe 2.9.7-0ubuntu0.18.04.2
updates main 2.9.7-0ubuntu0.18.04.2
proposed main 2.9.8-0ubuntu0.18.04.1
proposed universe 2.9.8-0ubuntu0.18.04.1

Packages in group

Deleted packages are displayed in grey.


Version: 2.9.7-0ubuntu0.18.04.2 2021-01-13 18:06:19 UTC

  openvswitch (2.9.7-0ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: buffer overflow decoding malformed packets in lldp
    - debian/patches/CVE-2015-8011.patch: check lengths in lib/lldp/lldp.c.
    - CVE-2015-8011
  * SECURITY UPDATE: Externally triggered memory leak in lldp
    - debian/patches/CVE-2020-27827.patch: properly free memory in
    - CVE-2020-27827

 -- Marc Deslauriers <email address hidden> Fri, 08 Jan 2021 07:30:25 -0500

Source diff to previous version
CVE-2015-8011 Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (da
CVE-2020-27827 RESERVED

Version: 2.9.2-0ubuntu0.18.04.3 2019-01-30 14:07:04 UTC

  openvswitch (2.9.2-0ubuntu0.18.04.3) bionic-security; urgency=medium

  * SECURITY UPDATE: assertion failure when decoding a group mod
    - debian/patches/CVE-2018-17204.patch: don't assert-fail decoding bad
      OF1.5 group mod type or command in lib/ofp-util.c.
    - CVE-2018-17204
  * SECURITY UPDATE: assertion failure when adding flows
    - debian/patches/CVE-2018-17205.patch: fix OVS crash when reverting old
      flows in bundle commit in ofproto/ofproto.c.
    - CVE-2018-17205
  * SECURITY UPDATE: buffer overread during BUNDLE action decoding
    - debian/patches/CVE-2018-17206.patch: avoid overread in
    - CVE-2018-17206

 -- Marc Deslauriers <email address hidden> Thu, 25 Oct 2018 09:48:22 -0400

CVE-2018-17204 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a
CVE-2018-17205 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows
CVE-2018-17206 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-r

About   -   Send Feedback to @ubuntu_updates