UbuntuUpdates.org

Package "openvswitch"

Name: openvswitch

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Open vSwitch common components
  • Debug symbols for Open vSwitch packages
  • Open vSwitch documentation
  • Open vSwitch switch implementations

Latest version: 2.13.8-0ubuntu1.3
Release: focal (20.04)
Level: security
Repository: main

Links



Other versions of "openvswitch" in Focal

Repository Area Version
base main 2.13.0-0ubuntu1
base universe 2.13.0-0ubuntu1
security universe 2.13.8-0ubuntu1.3
updates main 2.13.8-0ubuntu1.3
updates universe 2.13.8-0ubuntu1.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.13.8-0ubuntu1.3 2023-11-27 02:06:50 UTC

  openvswitch (2.13.8-0ubuntu1.3) focal-security; urgency=medium

  * SECURITY UPDATE: improper flow lookup when handling specific final stage
    flow wildcards.
    - debian/patches/CVE-2023-5366.patch: seen bits from final stage added
      into stages map to get all necessary wildcards in lib/classifier.c.
    - CVE-2023-5366

 -- Evan Caville <email address hidden> Mon, 20 Nov 2023 15:38:12 +0200

Source diff to previous version
CVE-2023-5366 A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may

Version: 2.13.8-0ubuntu1.2 2023-05-10 14:07:21 UTC

  openvswitch (2.13.8-0ubuntu1.2) focal-security; urgency=medium

  * SECURITY UPDATE: remote traffic denial of service via crafted packets
    with IP proto 0
    - debian/patches/CVE-2023-1668.patch: Always mask ip proto field in
      include/openvswitch/meta-flow.h, lib/meta-flow.c,
      ofproto/ofproto-dpif-xlate.c, tests/ofproto-dpif.at,
      tests/ofproto.at, tests/packet-type-aware.at.
    - CVE-2023-1668

 -- Marc Deslauriers <email address hidden> Wed, 12 Apr 2023 14:58:36 -0400

Source diff to previous version
CVE-2023-1668 A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying

Version: 2.13.8-0ubuntu1.1 2023-02-27 14:07:01 UTC

  openvswitch (2.13.8-0ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: issues in Organization Specific TLV
    - debian/patches/CVE-2022-433x.patch: fix bugs when parsing malformed
      AutoAttach in lib/lldp/lldp.c, tests/ofproto-dpif.at.
    - CVE-2022-4337
    - CVE-2022-4338

 -- Marc Deslauriers <email address hidden> Wed, 22 Feb 2023 08:56:25 -0500

Source diff to previous version
CVE-2022-4337 An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
CVE-2022-4338 An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.

Version: 2.13.3-0ubuntu0.20.04.2 2021-09-08 13:06:50 UTC

  openvswitch (2.13.3-0ubuntu0.20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: use-after-free in decode_NXAST_RAW_ENCAP
    - debian/patches/CVE-2021-36980.patch: get a new pointer before using
      in lib/ofp-actions.c.
    - CVE-2021-36980

 -- Marc Deslauriers <email address hidden> Mon, 26 Jul 2021 13:04:37 -0400

Source diff to previous version
CVE-2021-36980 Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) du

Version: 2.13.1-0ubuntu0.20.04.4 2021-02-10 16:07:44 UTC

  openvswitch (2.13.1-0ubuntu0.20.04.4) focal-security; urgency=medium

  * SECURITY UPDATE: packet parsing vulnerability
    - debian/patches/CVE-2020-35498.patch: support extra padding length in
      lib/conntrack.c, lib/dp-packet.h, lib/flow.c, tests/classifier.at.
    - CVE-2020-35498

 -- Marc Deslauriers <email address hidden> Thu, 28 Jan 2021 14:47:58 -0500

CVE-2020-35498 RESERVED



About   -   Send Feedback to @ubuntu_updates