UbuntuUpdates.org

Package "ovn-host"

Name: ovn-host

Description:

OVN host components

Latest version: 2.5.9-0ubuntu0.16.04.3
Release: xenial (16.04)
Level: security
Repository: universe
Head package: openvswitch
Homepage: http://openvswitch.org/

Links


Download "ovn-host"


Other versions of "ovn-host" in Xenial

Repository Area Version
base universe 2.5.0-0ubuntu1
updates universe 2.5.9-0ubuntu0.16.04.3

Changelog

Version: 2.5.9-0ubuntu0.16.04.3 2021-02-10 19:06:54 UTC

  openvswitch (2.5.9-0ubuntu0.16.04.3) xenial-security; urgency=medium

  * SECURITY UPDATE: packet parsing vulnerability
    - debian/patches/CVE-2020-35498.patch: support extra padding length in
      lib/dp-packet.h, lib/flow.c, tests/classifier.at.
    - CVE-2020-35498

 -- Marc Deslauriers <email address hidden> Thu, 28 Jan 2021 14:49:45 -0500

Source diff to previous version
CVE-2020-35498 RESERVED

Version: 2.5.9-0ubuntu0.16.04.2 2021-01-13 18:06:17 UTC

  openvswitch (2.5.9-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: buffer overflow decoding malformed packets in lldp
    - debian/patches/CVE-2015-8011.patch: check lengths in lib/lldp/lldp.c.
    - CVE-2015-8011
  * SECURITY UPDATE: Externally triggered memory leak in lldp
    - debian/patches/CVE-2020-27827.patch: properly free memory in
      lib/lldp/lldp.c.
    - CVE-2020-27827

 -- Marc Deslauriers <email address hidden> Fri, 08 Jan 2021 07:30:54 -0500

Source diff to previous version
CVE-2015-8011 Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (da
CVE-2020-27827 RESERVED

Version: 2.5.5-0ubuntu0.16.04.2 2019-01-30 14:07:00 UTC

  openvswitch (2.5.5-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: assertion failure when decoding a group mod
    - debian/patches/CVE-2018-17204.patch: don't assert-fail decoding bad
      OF1.5 group mod type or command in lib/ofp-util.c.
    - CVE-2018-17204
  * SECURITY UPDATE: buffer overread during BUNDLE action decoding
    - debian/patches/CVE-2018-17206.patch: avoid overread in
      lib/ofp-actions.c.
    - CVE-2018-17206

 -- Marc Deslauriers <email address hidden> Thu, 04 Oct 2018 11:45:07 -0400

Source diff to previous version
CVE-2018-17204 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a
CVE-2018-17206 An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-r

Version: 2.5.2-0ubuntu0.16.04.2 2017-10-11 14:06:59 UTC

  openvswitch (2.5.2-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS while parsing OFPT_QUEUE_GET_CONFIG_REPLY message
    - debian/patches/CVE-2017-9214.patch: properly check length in
      lib/ofp-util.c.
    - CVE-2017-9214
  * SECURITY UPDATE: DoS while parsing OpenFlow role status message
    - debian/patches/CVE-2017-9263.patch: don't abort on unknown reason in
      lib/ofp-print.c.
    - CVE-2017-9263
  * SECURITY UPDATE: DoS while parsing group mod OpenFlow message
    - debian/patches/CVE-2017-9265.patch: check length in lib/ofp-util.c.
    - CVE-2017-9265

 -- Marc Deslauriers <email address hidden> Thu, 24 Aug 2017 14:15:05 -0400

CVE-2017-9214 In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsi
CVE-2017-9263 In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role status reasons
CVE-2017-9265 In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` i



About   -   Send Feedback to @ubuntu_updates