Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora: FEDORA-2021-fba11d37ee Moderate: OpenvSwitch DoS Threat

fedora
Calendar Grey March 4, 2021
Dist Fedora Esm H88
Recent improvements to the openvswitch package in Fedora 33 boost both security features and overall performance. To ensure optimal stability, install it using dnf commands.
Updated OVS to 2.15 and DPDK to 20.11

Summary

Open vSwitch provides standard network bridging functions and

support for the OpenFlow protocol for remote per-flow control of

traffic.

Updated OVS to 2.15 and DPDK to 20.11

* Wed Feb 17 2021 Timothy Redaelli - 2.15.0-1

- Updated to 2.15.0

* Tue Jan 26 2021 Fedora Release Engineering - 2.14.0-4

- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

* Thu Nov 19 2020 Timothy Redaelli - 2.14.0-3

- Backport patches for CVE-2015-8011 (#1899303)

[ 1 ] Bug #1843590 - enable MLX5 poll mode driver

https://bugzilla.redhat.com/show_bug.cgi?id=1843590

[ 2 ] Bug #1899303 - CVE-2015-8011 openvswitch: lldpd: buffer overflow in the lldp_decode function in daemon/protocols/lldp.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1899303

[ 3 ] Bug #1902326 - dpdk-20.11 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1902326

[ 4 ] Bug #1921440 - CVE-2020-27827 openvswitch: lldp/openvswitch: denial of service via externally triggered memory leak [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1921440

[ 5 ] Bug #1927492 - CVE-2020-35498 openvswitch: limitation in the OVS packet parsing in userspace leads to DoS [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1927492

su -c 'dnf upgrade --advisory FEDORA-2021-fba11d37ee' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics%20covered

Topics Covered

security advisory denial of service security update fedora buffer overflow Fedora update information networking moderate risk DoS risk openvswitch Open vSwitch

Change Log

References

Update Instructions

Product: Fedora 33
Version: 2.15.0
Release: 1.fc33
URL: http://www.openvswitch.org/
Summary: Open vSwitch daemon/database/utilities

Topics%20covered

Topics Covered

security advisory denial of service security update fedora buffer overflow Fedora update information networking moderate risk DoS risk openvswitch Open vSwitch

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here