Publishing details
Changelog
openvswitch (2.10.7+ds1-0+deb10u1) buster-security; urgency=medium
* New upstream point release:
- Addresses CVE-2020-35498: denial of service attacks, in which crafted
network packets could cause the packet lookup to ignore network header
fields from layers 3 and 4. The crafted network packet is an ordinary
IPv4 or IPv6 packet with Ethernet padding length above 255 bytes. This
causes the packet sanity check to abort parsing header fields after
layer 2 (Closes: #982493).
-- Thomas Goirand <email address hidden> Fri, 12 Feb 2021 15:48:38 +0100
Builds
Package files