[Bug 1575119] Re: [SRU] Open vSwitch 2.4.1, 2.3.3 stable updates

Chris J Arges 1575119 at bugs.launchpad.net
Wed May 25 13:29:36 UTC 2016


Hello James, or anyone else affected,

Accepted openvswitch into wily-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/openvswitch/2.4.1-0ubuntu0.15.10.1
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.  Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: openvswitch (Ubuntu Wily)
       Status: Triaged => Fix Committed

** Tags added: verification-needed

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1575119

Title:
  [SRU] Open vSwitch 2.4.1, 2.3.3 stable updates

Status in Ubuntu Cloud Archive:
  Invalid
Status in Ubuntu Cloud Archive kilo series:
  Triaged
Status in Ubuntu Cloud Archive liberty series:
  Triaged
Status in openvswitch package in Ubuntu:
  Invalid
Status in openvswitch source package in Wily:
  Fix Committed

Bug description:
  The Open vSwitch team is pleased to announce the release of Open
  vSwitch 2.4.1:

          http://openvswitch.org/releases/openvswitch-2.4.1.tar.gz

  and Open vSwitch 2.3.3:

          http://openvswitch.org/releases/openvswitch-2.3.3.tar.gz

  Both of these releases contain bug fixes.  Most importantly, they
  address a remote execution vulnerability in MPLS parsing
  (CVE-2016-2074):

  http://openvswitch.org/pipermail/announce/2016-March/000082.html

  We recommend immediately upgrading to a patched version.  If you do
  not want the other fixes, the advisory above contain patches that may
  be applied to the previous releases.

  Note that Open vSwitch 2.5.x is not affected by this issue.

  We would like to thank the reporters: Kashyap Thimmaraju and Bhargava
  Shastry.

  Enjoy!

  --The Open vSwitch Team

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1575119/+subscriptions



More information about the Ubuntu-openstack-bugs mailing list