[ubuntu/noble-proposed] openvswitch 3.3.0~git20240118.e802fe7-3ubuntu1 (Accepted)

[Marc Deslauriers]

openvswitch (3.3.0~git20240118.e802fe7-3ubuntu1) noble; urgency=medium

  * SECURITY UPDATE: vulnerable to crafted Geneve packets
    - debian/patches/CVE-2023-3966.patch: check geneve metadata length in
      lib/netdev-offload-tc.c, tests/system-traffic.at.
    - CVE-2023-3966
  * SECURITY UPDATE: OpenFlow rules bypass via ICMPv6 Neighbor Adv packets
    - debian/patches/CVE-2023-5366.patch: follow Open Flow spec converting
      from OF to DP in lib/odp-util.c, tests/ofproto-macros.at,
      tests/system-traffic.at.
    - CVE-2023-5366

Date: Thu, 29 Feb 2024 11:16:59 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openvswitch/3.3.0~git20240118.e802fe7-3ubuntu1
-------------- next part --------------
Format: 1.8
Date: Thu, 29 Feb 2024 11:16:59 -0500
Source: openvswitch
Built-For-Profiles: noudeb
Architecture: source
Version: 3.3.0~git20240118.e802fe7-3ubuntu1
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 openvswitch (3.3.0~git20240118.e802fe7-3ubuntu1) noble; urgency=medium
 .
   * SECURITY UPDATE: vulnerable to crafted Geneve packets
     - debian/patches/CVE-2023-3966.patch: check geneve metadata length in
       lib/netdev-offload-tc.c, tests/system-traffic.at.
     - CVE-2023-3966
   * SECURITY UPDATE: OpenFlow rules bypass via ICMPv6 Neighbor Adv packets
     - debian/patches/CVE-2023-5366.patch: follow Open Flow spec converting
       from OF to DP in lib/odp-util.c, tests/ofproto-macros.at,
       tests/system-traffic.at.
     - CVE-2023-5366
Checksums-Sha1:
 33de69f2094f2202316992cb8eb027dc0b41c2d1 3910 openvswitch_3.3.0~git20240118.e802fe7-3ubuntu1.dsc
 705592c40051ceff5d1c56b9cf1b98d182a718ca 74728 openvswitch_3.3.0~git20240118.e802fe7-3ubuntu1.debian.tar.xz
 1a818cac1c23fa1534f81cc5f746c085a4c49b60 19087 openvswitch_3.3.0~git20240118.e802fe7-3ubuntu1_source.buildinfo
Checksums-Sha256:
 ac8709f3dd2172023bab7d92b4b23ca65c8bfbcf7518d065164d5637f64d93ed 3910 openvswitch_3.3.0~git20240118.e802fe7-3ubuntu1.dsc
 9097617aa260e29ddd429ac5bf326f6b5b15be571db69c1c6513cbc058eeece8 74728 openvswitch_3.3.0~git20240118.e802fe7-3ubuntu1.debian.tar.xz
 e4e749ee41b7773290c031b76eae26ed5cf5fec408cda3ebea19101106b9caa4 19087 openvswitch_3.3.0~git20240118.e802fe7-3ubuntu1_source.buildinfo
Files:
 f9dd8f288385b1cf87ea3f83874ad352 3910 net optional openvswitch_3.3.0~git20240118.e802fe7-3ubuntu1.dsc
 35e26992ec9f99182edb270a1e4b7087 74728 net optional openvswitch_3.3.0~git20240118.e802fe7-3ubuntu1.debian.tar.xz
 e2b690a17d66b66f2fc021fdc613d797 19087 net optional openvswitch_3.3.0~git20240118.e802fe7-3ubuntu1_source.buildinfo
Original-Maintainer: Debian OpenStack <team+openstack at tracker.debian.org>