[ubuntu/xenial-security] openvswitch 2.5.5-0ubuntu0.16.04.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jan 30 12:27:00 UTC 2019

openvswitch (2.5.5-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: assertion failure when decoding a group mod
    - debian/patches/CVE-2018-17204.patch: don't assert-fail decoding bad
      OF1.5 group mod type or command in lib/ofp-util.c.
    - CVE-2018-17204
  * SECURITY UPDATE: buffer overread during BUNDLE action decoding
    - debian/patches/CVE-2018-17206.patch: avoid overread in
    - CVE-2018-17206

openvswitch (2.5.5-0ubuntu0.16.04.1) xenial; urgency=medium

  * Bump nofiles to 1048576 for ovs daemons (LP: #1737866).
  * d/watch: Update for upstream website changes.
  * New upstream point release (LP: #1788103).
  * d/p/CVE-2017-9214.patch: Dropped, included upstream.

openvswitch (2.5.4-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream point release (LP: #1726927):
    - d/p/CVE-2017-9265.patch: Drop, included upstream.

openvswitch (2.5.2-0ubuntu0.16.04.3) xenial; urgency=medium

  * d/openvswitch-switch.postinst: Do not modify
    /etc/default/openvswitch-switch as this file is now managed
    as a configuration file by dpkg (LP: #1723480).

Date: 2018-10-04 17:18:13.586313+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Xenial-changes mailing list