← Back to team overview

group.of.nepali.translators team mailing list archive

  1. group.of.nepali.translators team
  2. Mailing list archive
  3. Message #38095

[Bug 1888198] Re: [SRU] opevnswitch 2.5.9

  Thread PreviousDate PreviousThread Next 
This bug was fixed in the package openvswitch - 2.5.9-0ubuntu0.16.04.2

---------------
openvswitch (2.5.9-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: buffer overflow decoding malformed packets in lldp
    - debian/patches/CVE-2015-8011.patch: check lengths in lib/lldp/lldp.c.
    - CVE-2015-8011
  * SECURITY UPDATE: Externally triggered memory leak in lldp
    - debian/patches/CVE-2020-27827.patch: properly free memory in
      lib/lldp/lldp.c.
    - CVE-2020-27827

 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>  Fri, 08 Jan 2021
07:30:54 -0500

** Changed in: openvswitch (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8011

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-27827

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1888198

Title:
  [SRU] opevnswitch 2.5.9

Status in Ubuntu Cloud Archive:
  Fix Released
Status in Ubuntu Cloud Archive mitaka series:
  Fix Committed
Status in openvswitch package in Ubuntu:
  Fix Released
Status in openvswitch source package in Xenial:
  Fix Released

Bug description:
  [Impact]
  This release sports mostly bug-fixes and we would like to make sure all of our
  supported customers have access to these improvements.
  The update contains the following package updates:

     * openvswitch 2.5.9

  [Test Case]

  The following SRU process was followed:

  https://wiki.ubuntu.com/OpenStack/StableReleaseUpdates

  In order to avoid regression of existing consumers, the OpenStack team will
  run their continuous integration test against the packages that are in
  -proposed. A successful run of all available tests will be required before the
  proposed packages can be let into -updates.

  The OpenStack team will be in charge of attaching the output summary of the
  executed tests. The OpenStack team members will not mark ‘verification-done’ until
  this has happened.

  [Regression Potential]
  In order to mitigate the regression potential, the results of the
  aforementioned tests are attached to this bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1888198/+subscriptions

References

  Thread PreviousDate PreviousThread Next