UbuntuUpdates.org

Package "openvswitch-switch"

Name: openvswitch-switch

Description:

Open vSwitch switch implementations
Latest version: 2.9.8-0ubuntu0.18.04.5
Release: bionic (18.04)
Level: security
Repository: main
Head package: openvswitch
Homepage: http://openvswitch.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "openvswitch-switch"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "openvswitch-switch" in Bionic

Repository Area Version
base main 2.9.0-0ubuntu1
updates main 2.9.8-0ubuntu0.18.04.5

Changelog

Version: 2.9.2-0ubuntu0.18.04.3 2019-01-30 14:07:03 UTC

  openvswitch (2.9.2-0ubuntu0.18.04.3) bionic-security; urgency=medium

  * SECURITY UPDATE: assertion failure when decoding a group mod
    - debian/patches/CVE-2018-17204.patch: don't assert-fail decoding bad
      OF1.5 group mod type or command in lib/ofp-util.c.
    - CVE-2018-17204
  * SECURITY UPDATE: assertion failure when adding flows
    - debian/patches/CVE-2018-17205.patch: fix OVS crash when reverting old
      flows in bundle commit in ofproto/ofproto.c.
    - CVE-2018-17205
  * SECURITY UPDATE: buffer overread during BUNDLE action decoding
    - debian/patches/CVE-2018-17206.patch: avoid overread in
      lib/ofp-actions.c.
    - CVE-2018-17206

 -- Marc Deslauriers <email address hidden> Thu, 25 Oct 2018 09:48:22 -0400
CVE-2018-17204 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a
CVE-2018-17205 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows
CVE-2018-17206 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-r


About   -   Send Feedback to @ubuntu_updates