Package "neutron-linuxbridge-agent"
Name: |
neutron-linuxbridge-agent
|
Description: |
Neutron is a virtual network service for Openstack - linuxbridge agent
|
Latest version: |
2:12.1.1-0ubuntu8.1 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
main |
Head package: |
neutron |
Links
Download "neutron-linuxbridge-agent"
Other versions of "neutron-linuxbridge-agent" in Bionic
Changelog
neutron (2:12.1.1-0ubuntu8.1) bionic-security; urgency=medium
* SECURITY UPDATE: IPv6 impersonation in Open vSwitch firewall rules
- debian/patches/CVE-2021-20267-1.patch: allow egress ICMPv6 only for
known addresses in
doc/source/contributor/internals/openvswitch_firewall.rst,
neutron/agent/linux/openvswitch_firewall/firewall.py,
neutron/tests/unit/agent/linux/openvswitch_firewall/test_firewall.py.
- debian/patches/CVE-2021-20267-2.patch: restrict IPv6 NA and DHCP(v6)
IP and MAC source addresses in neutron/agent/firewall.py,
neutron/agent/linux/openvswitch_firewall/firewall.py,
neutron/tests/unit/agent/linux/openvswitch_firewall/test_firewall.py.
- CVE-2021-20267
* SECURITY UPDATE: hardware address impersonation with ebtables-nft
- debian/patches/CVE-2021-38598.patch: make ARP protection commands
compatible with "ebtables-nft" in
neutron/plugins/ml2/drivers/linuxbridge/agent/arp_protect.py,
neutron/tests/unit/plugins/ml2/drivers/linuxbridge/agent/test_arp_protect.py.
- CVE-2021-38598
* SECURITY UPDATE: dnsmasq reconfiguration issue
- debian/patches/CVE-2021-40085.patch: remove dhcp_extra_opt value
after first newline character in neutron/agent/linux/dhcp.py,
neutron/tests/unit/agent/linux/test_dhcp.py.
- CVE-2021-40085
* SECURITY UPDATE: memory consumption via API requests
- debian/patches/CVE-2021-40797.patch: don't use singleton in
routes.middleware.RoutesMiddleware in neutron/api/extensions.py.
- CVE-2021-40797
* SECURITY UPDATE: uncontrolled resource consumption flaw
- debian/patches/CVE-2022-3277.patch: do not allow a tenant to create a
default SG for another one in neutron/db/securitygroups_db.py,
neutron/tests/unit/db/test_securitygroups_db.py.
- CVE-2022-3277
-- Marc Deslauriers <email address hidden> Tue, 18 Apr 2023 11:23:51 -0400
|
CVE-2021-20267 |
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server inst |
CVE-2021-38598 |
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft i |
CVE-2021-40085 |
An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsma |
CVE-2021-40797 |
An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API reques |
CVE-2022-3277 |
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security gr |
|
About
-
Send Feedback to @ubuntu_updates