[ubuntu/groovy-proposed] dpdk 19.11.1-0ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue May 19 14:32:14 UTC 2020 

dpdk (19.11.1-0ubuntu2) groovy; urgency=medium

  * SECURITY UPDATE: Integer overflow in vhost_user_set_log_base()
    - d/p/0001-vhost-check-log-mmap-offset-and-size-overflow.patch: check
      log mmap offset and size overflow in lib/librte_vhost/vhost_user.c.
    - CVE-2020-10722
  * SECURITY UPDATE: Int truncation in vhost_user_check_and_alloc_queue_pair()
    - d/p/0002-vhost-fix-vring-index-check.patch: fix vring index check in
      lib/librte_vhost/vhost_user.c.
    - CVE-2020-10723
  * SECURITY UPDATE: Missing inputs validation in Vhost-crypto
    - d/p/0003-vhost-crypto-validate-keys-lengths.patch: validate keys
      lengths in lib/librte_vhost/vhost_crypto.c.
    - CVE-2020-10724
  * SECURITY UPDATE: Malicious guest could cause segfault by sending
    invalid Virtio descriptor
    - d/p/0004-vhost-fix-translated-address-not-checked.patch: fix
      translated address not checked in lib/librte_vhost/virtio_net.c.
    - CVE-2020-10725
  * SECURITY UPDATE: VHOST_USER_GET_INFLIGHT_FD message flooding to result
    in a DOS
    - d/p/0005-vhost-fix-potential-memory-space-leak.patch: fix potential
      memory space leak in lib/librte_vhost/vhost_user.c.
    - d/p/0006-vhost-fix-potential-fd-leak.patch: fix potential fd leak in
      lib/librte_vhost/vhost_user.c.
    - CVE-2020-10726

Date: Tue, 19 May 2020 09:08:02 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/dpdk/19.11.1-0ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 19 May 2020 09:08:02 -0400
Source: dpdk
Architecture: source
Version: 19.11.1-0ubuntu2
Distribution: groovy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 dpdk (19.11.1-0ubuntu2) groovy; urgency=medium
 .
   * SECURITY UPDATE: Integer overflow in vhost_user_set_log_base()
     - d/p/0001-vhost-check-log-mmap-offset-and-size-overflow.patch: check
       log mmap offset and size overflow in lib/librte_vhost/vhost_user.c.
     - CVE-2020-10722
   * SECURITY UPDATE: Int truncation in vhost_user_check_and_alloc_queue_pair()
     - d/p/0002-vhost-fix-vring-index-check.patch: fix vring index check in
       lib/librte_vhost/vhost_user.c.
     - CVE-2020-10723
   * SECURITY UPDATE: Missing inputs validation in Vhost-crypto
     - d/p/0003-vhost-crypto-validate-keys-lengths.patch: validate keys
       lengths in lib/librte_vhost/vhost_crypto.c.
     - CVE-2020-10724
   * SECURITY UPDATE: Malicious guest could cause segfault by sending
     invalid Virtio descriptor
     - d/p/0004-vhost-fix-translated-address-not-checked.patch: fix
       translated address not checked in lib/librte_vhost/virtio_net.c.
     - CVE-2020-10725
   * SECURITY UPDATE: VHOST_USER_GET_INFLIGHT_FD message flooding to result
     in a DOS
     - d/p/0005-vhost-fix-potential-memory-space-leak.patch: fix potential
       memory space leak in lib/librte_vhost/vhost_user.c.
     - d/p/0006-vhost-fix-potential-fd-leak.patch: fix potential fd leak in
       lib/librte_vhost/vhost_user.c.
     - CVE-2020-10726
Checksums-Sha1:
 4d512f0668bf746485570a3ceb5fefc347095cce 17373 dpdk_19.11.1-0ubuntu2.dsc
 3277ccae75d1bfa19a31340426d24b0c15e93351 59600 dpdk_19.11.1-0ubuntu2.debian.tar.xz
 a1b3f3e7b8cd1831b6ec6c2291804ad449160e7a 18384 dpdk_19.11.1-0ubuntu2_source.buildinfo
Checksums-Sha256:
 aa4de8e2a77e5a31ab872a1884d867fee98d74fc7aabaae64de39144fccd2fb4 17373 dpdk_19.11.1-0ubuntu2.dsc
 6215caf59540b2a1a8827fc1bdae785ba4dcb015c22a9ec45db22e490a3b5d2c 59600 dpdk_19.11.1-0ubuntu2.debian.tar.xz
 853cd5f2d6903eee929fde95b83be82e7e253affc76edc75a80a9714bc7b54af 18384 dpdk_19.11.1-0ubuntu2_source.buildinfo
Files:
 4cad864d41c37d324d67a4cd2abb52e9 17373 libs optional dpdk_19.11.1-0ubuntu2.dsc
 343c2b8c5c6747a9bbe45d04b0fe3ab5 59600 libs optional dpdk_19.11.1-0ubuntu2.debian.tar.xz
 40fd33fd17808785a34f4fb3ebcb427e 18384 libs optional dpdk_19.11.1-0ubuntu2_source.buildinfo
Original-Maintainer: Debian DPDK Maintainers <pkg-dpdk-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl7D6QQACgkQZWnYVadE
vpMR5BAAqGm8oUiE1q8rs5dSOcnZ9heURBo2Hzq+n3opH4tKFjyiAxTFQAB93P1h
xJuy4FSqLfPwp7942RV9VwyQ3oE35clEWqnuYwpDt96zC8wuCQ959980aD8Zxhqj
X+v9f4+vJA9dP8jLyuowYLsicMfEDNENeZ5u+weOzNiDs6ercigZnJfMjNRmK6fY
GZc8+evBB2UZCJrlfAW7xWLTkH58/XQt/mv9u248xPdxipf+ymWsfQLsJ7sl0x6K
ceXMbHli4AdJKUsGJW3WA/oMCIA5Wf0r0FjoC30P4lAOKfyZXkoPwmmfCr7KjRwU
GyQy/14nNgCixORenPIuVtjlNDHTCeFBsLepCgImtbgt90Hrpzl5VifYf+cCrObf
aEqJQCsd6PhtJXmATAOtkukOfScIE86QOZCIkYGIxgV4Olvd7nsC4XndIm/GIQte
Hxp5Nc4tBvSmRtM/yOh81xTRA1iNi/OkPsxGplBCZLpTYHKgIJ3oMwOlHLQhY0CO
aM+10LimKyzda22DL5bE8UOYTHVpTXwEnPvjqOqsQ3jPXhTIzfmvQjNi649qPLEs
aRUN9OCRUTn11FQhO/JdBAOCJEJHytzv+3yjA82QsartsU3X6L1GLRcieaFRtiUJ
wt1gn6H/k3r0ACVzKTiRN9PB6aRCwoAYawTsYweklafBywic0SY=
=Hj08
-----END PGP SIGNATURE-----

More information about the Groovy-changes mailing list