UbuntuUpdates.org

Package "openvswitch-switch"

Name: openvswitch-switch

Description:

Open vSwitch switch implementations

Latest version: 2.5.9-0ubuntu0.16.04.3
Release: xenial (16.04)
Level: updates
Repository: main
Head package: openvswitch
Homepage: http://openvswitch.org/

Links


Download "openvswitch-switch"


Other versions of "openvswitch-switch" in Xenial

Repository Area Version
base main 2.5.0-0ubuntu1
security main 2.5.9-0ubuntu0.16.04.3

Changelog

Version: 2.5.9-0ubuntu0.16.04.3 2021-02-10 17:06:21 UTC

  openvswitch (2.5.9-0ubuntu0.16.04.3) xenial-security; urgency=medium

  * SECURITY UPDATE: packet parsing vulnerability
    - debian/patches/CVE-2020-35498.patch: support extra padding length in
      lib/dp-packet.h, lib/flow.c, tests/classifier.at.
    - CVE-2020-35498

 -- Marc Deslauriers <email address hidden> Thu, 28 Jan 2021 14:49:45 -0500

Source diff to previous version
CVE-2020-35498 RESERVED

Version: 2.5.9-0ubuntu0.16.04.2 2021-01-13 20:06:19 UTC

  openvswitch (2.5.9-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: buffer overflow decoding malformed packets in lldp
    - debian/patches/CVE-2015-8011.patch: check lengths in lib/lldp/lldp.c.
    - CVE-2015-8011
  * SECURITY UPDATE: Externally triggered memory leak in lldp
    - debian/patches/CVE-2020-27827.patch: properly free memory in
      lib/lldp/lldp.c.
    - CVE-2020-27827

 -- Marc Deslauriers <email address hidden> Fri, 08 Jan 2021 07:30:54 -0500

Source diff to previous version
CVE-2015-8011 Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (da
CVE-2020-27827 RESERVED

Version: 2.5.5-0ubuntu0.16.04.2 2019-01-30 14:07:00 UTC

  openvswitch (2.5.5-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: assertion failure when decoding a group mod
    - debian/patches/CVE-2018-17204.patch: don't assert-fail decoding bad
      OF1.5 group mod type or command in lib/ofp-util.c.
    - CVE-2018-17204
  * SECURITY UPDATE: buffer overread during BUNDLE action decoding
    - debian/patches/CVE-2018-17206.patch: avoid overread in
      lib/ofp-actions.c.
    - CVE-2018-17206

 -- Marc Deslauriers <email address hidden> Thu, 04 Oct 2018 11:45:07 -0400

Source diff to previous version
CVE-2018-17204 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a
CVE-2018-17206 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-r

Version: 2.5.5-0ubuntu0.16.04.1 2018-10-08 12:06:47 UTC

  openvswitch (2.5.5-0ubuntu0.16.04.1) xenial; urgency=medium

  * Bump nofiles to 1048576 for ovs daemons (LP: #1737866).
  * d/watch: Update for upstream website changes.
  * New upstream point release (LP: #1788103).
  * d/p/CVE-2017-9214.patch: Dropped, included upstream.

 -- James Page <email address hidden> Wed, 22 Aug 2018 09:36:55 +0100

Source diff to previous version
1737866 Too many open files when large number of routers on a host
1788103 [SRU] openvswitch 2.5.5
CVE-2017-9214 In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsi

Version: 2.5.4-0ubuntu0.16.04.1 2018-03-21 04:06:33 UTC

  openvswitch (2.5.4-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream point release (LP: #1726927):
    - d/p/CVE-2017-9265.patch: Drop, included upstream.

 -- James Page <email address hidden> Mon, 30 Oct 2017 10:38:01 +0000

1726927 [SRU] openvswitch 2.5.4
CVE-2017-9265 In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` i



About   -   Send Feedback to @ubuntu_updates