UbuntuUpdates.org

Package "librte-mempool-ring20.0"

Name: librte-mempool-ring20.0

Description:

Data Plane Development Kit (librte_mempool_ring runtime library)

Latest version: 19.11.12-0ubuntu0.20.04.1
Release: focal (20.04)
Level: security
Repository: main
Head package: dpdk
Homepage: https://www.dpdk.org

Links


Download "librte-mempool-ring20.0"


Other versions of "librte-mempool-ring20.0" in Focal

Repository Area Version
base main 19.11.1-0ubuntu1
updates main 19.11.12-0ubuntu0.20.04.1

Changelog

Version: 19.11.12-0ubuntu0.20.04.1 2022-05-04 14:06:22 UTC

  dpdk (19.11.12-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Merge LTS stable release 19.11.12
    Release notes are available at:
    - https://doc.dpdk.org/guides-19.11/rel_notes/release_19_11.html#id33
    - https://doc.dpdk.org/guides-19.11/rel_notes/release_19_11.html#id37
    Among many general fixed this adresses two CVEs:
    - out of bounds write due to invalid queue number (CVE-2021-3839)
    - denial of service by injecting inflight messages (CVE-2022-0669)
    - drop d/p/u/lp-1940957-net-i40e-support-25G-AOC-ACC-cables.patch
      [in upstream]

 -- Christian Ehrhardt <email address hidden> Thu, 14 Apr 2022 08:29:10 +0200

Source diff to previous version

Version: 19.11.7-0ubuntu0.20.04.2 2021-09-08 13:06:49 UTC

  dpdk (19.11.7-0ubuntu0.20.04.2) focal-security; urgency=medium

  * No-change rebuild in -security pocket.

 -- Marc Deslauriers <email address hidden> Mon, 26 Jul 2021 13:32:23 -0400

Source diff to previous version

Version: 19.11.3-0ubuntu0.2 2020-09-28 18:06:24 UTC

  dpdk (19.11.3-0ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/CVE-2020-1437x/*.patch: added upstream patches to fix
      the issues.
    - CVE-2020-14374
    - CVE-2020-14375
    - CVE-2020-14376
    - CVE-2020-14377
    - CVE-2020-14378

 -- Marc Deslauriers <email address hidden> Thu, 17 Sep 2020 08:29:30 -0400

Source diff to previous version
CVE-2020-1437 An elevation of privilege vulnerability exists in the way that the Windows Network Location Awareness Service handles objects in memory, aka 'Windows
CVE-2020-14374 RESERVED
CVE-2020-14375 RESERVED
CVE-2020-14376 RESERVED
CVE-2020-14377 RESERVED
CVE-2020-14378 RESERVED

Version: 19.11.1-0ubuntu1.1 2020-05-18 17:06:53 UTC

  dpdk (19.11.1-0ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: Integer overflow in vhost_user_set_log_base()
    - d/p/0001-vhost-check-log-mmap-offset-and-size-overflow.patch: check
      log mmap offset and size overflow in lib/librte_vhost/vhost_user.c.
    - CVE-2020-10722
  * SECURITY UPDATE: Int truncation in vhost_user_check_and_alloc_queue_pair()
    - d/p/0002-vhost-fix-vring-index-check.patch: fix vring index check in
      lib/librte_vhost/vhost_user.c.
    - CVE-2020-10723
  * SECURITY UPDATE: Missing inputs validation in Vhost-crypto
    - d/p/0003-vhost-crypto-validate-keys-lengths.patch: validate keys
      lengths in lib/librte_vhost/vhost_crypto.c.
    - CVE-2020-10724
  * SECURITY UPDATE: Malicious guest could cause segfault by sending
    invalid Virtio descriptor
    - d/p/0004-vhost-fix-translated-address-not-checked.patch: fix
      translated address not checked in lib/librte_vhost/virtio_net.c.
    - CVE-2020-10725
  * SECURITY UPDATE: VHOST_USER_GET_INFLIGHT_FD message flooding to result
    in a DOS
    - d/p/0005-vhost-fix-potential-memory-space-leak.patch: fix potential
      memory space leak in lib/librte_vhost/vhost_user.c.
    - d/p/0006-vhost-fix-potential-fd-leak.patch: fix potential fd leak in
      lib/librte_vhost/vhost_user.c.
    - CVE-2020-10726

 -- Marc Deslauriers <email address hidden> Tue, 12 May 2020 07:34:18 -0400

CVE-2020-10722 RESERVED
CVE-2020-10723 RESERVED
CVE-2020-10724 RESERVED
CVE-2020-10725 RESERVED
CVE-2020-10726 RESERVED



About   -   Send Feedback to @ubuntu_updates