UbuntuUpdates.org

Package "openvswitch-vtep"

Name: openvswitch-vtep

Description:

Open vSwitch VTEP utilities

Latest version: 2.9.8-0ubuntu0.18.04.5
Release: bionic (18.04)
Level: security
Repository: universe
Head package: openvswitch
Homepage: http://openvswitch.org/

Links


Download "openvswitch-vtep"


Other versions of "openvswitch-vtep" in Bionic

Repository Area Version
base universe 2.9.0-0ubuntu1
updates universe 2.9.8-0ubuntu0.18.04.5

Changelog

Version: 2.9.2-0ubuntu0.18.04.3 2019-01-30 14:07:04 UTC

  openvswitch (2.9.2-0ubuntu0.18.04.3) bionic-security; urgency=medium

  * SECURITY UPDATE: assertion failure when decoding a group mod
    - debian/patches/CVE-2018-17204.patch: don't assert-fail decoding bad
      OF1.5 group mod type or command in lib/ofp-util.c.
    - CVE-2018-17204
  * SECURITY UPDATE: assertion failure when adding flows
    - debian/patches/CVE-2018-17205.patch: fix OVS crash when reverting old
      flows in bundle commit in ofproto/ofproto.c.
    - CVE-2018-17205
  * SECURITY UPDATE: buffer overread during BUNDLE action decoding
    - debian/patches/CVE-2018-17206.patch: avoid overread in
      lib/ofp-actions.c.
    - CVE-2018-17206

 -- Marc Deslauriers <email address hidden> Thu, 25 Oct 2018 09:48:22 -0400

CVE-2018-17204 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a
CVE-2018-17205 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows
CVE-2018-17206 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-r



About   -   Send Feedback to @ubuntu_updates