——————————————————————————–
Fedora Update Notification
FEDORA-2017-45625fecca
2017-10-16 15:51:47.722264
——————————————————————————–
Name : openvswitch
Product : Fedora 26
Version : 2.7.3
Release : 2.fc26
URL : http://openvswitch.org
Summary : Open vSwitch daemon/database/utilities
Description :
Open vSwitch provides standard network bridging functions and
support for the OpenFlow protocol for remote per-flow control of
traffic.
——————————————————————————–
Update Information:
Add a symlink of the OCF script in the OCF resources folder —- Updated to
Open vSwitch 2.7.3 and DPDK 16.11.3 for CVE-2017-14970 —- Security fix for
CVE-2017-9263, CVE-2017-9265 —- Updated to Open vSwitch 2.7.1 and DPDK
16.11.2 (#1468234)
——————————————————————————–
References:
[ 1 ] Bug #1497966 – CVE-2017-14970 openvswitch: Multiple memory leaks in lib/ofp-util.c while parsing malformed OpenFlow group mod messages
https://bugzilla.redhat.com/show_bug.cgi?id=1497966
[ 2 ] Bug #1457327 – CVE-2017-9263 openvswitch: Invalid processing of a malicious OpenFlow role status message
https://bugzilla.redhat.com/show_bug.cgi?id=1457327
[ 3 ] Bug #1457335 – CVE-2017-9265 openvswitch: Buffer over-read while parsing the group mod OpenFlow message
https://bugzilla.redhat.com/show_bug.cgi?id=1457335
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade openvswitch’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org