-
openvswitch (2.5.9-0ubuntu0.16.04.3) xenial-security; urgency=medium
* SECURITY UPDATE: packet parsing vulnerability
- debian/patches/CVE-2020-35498.patch: support extra padding length in
lib/dp-packet.h, lib/flow.c, tests/classifier.at.
- CVE-2020-35498
-- Marc Deslauriers <email address hidden> Thu, 28 Jan 2021 14:49:45 -0500
-
openvswitch (2.5.9-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: buffer overflow decoding malformed packets in lldp
- debian/patches/CVE-2015-8011.patch: check lengths in lib/lldp/lldp.c.
- CVE-2015-8011
* SECURITY UPDATE: Externally triggered memory leak in lldp
- debian/patches/CVE-2020-27827.patch: properly free memory in
lib/lldp/lldp.c.
- CVE-2020-27827
-- Marc Deslauriers <email address hidden> Fri, 08 Jan 2021 07:30:54 -0500
-
openvswitch (2.5.9-0ubuntu0.16.04.1) xenial; urgency=medium
* Bump nofiles to 1048576 for ovs daemons when running under
upstart (LP: #1737866).
* d/watch: Misc tweaks for upstream layout changes.
* New upstream release (LP: #1888198).
-- James Page <email address hidden> Mon, 20 Jul 2020 15:36:21 +0100
-
openvswitch (2.5.5-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: assertion failure when decoding a group mod
- debian/patches/CVE-2018-17204.patch: don't assert-fail decoding bad
OF1.5 group mod type or command in lib/ofp-util.c.
- CVE-2018-17204
* SECURITY UPDATE: buffer overread during BUNDLE action decoding
- debian/patches/CVE-2018-17206.patch: avoid overread in
lib/ofp-actions.c.
- CVE-2018-17206
-- Marc Deslauriers <email address hidden> Thu, 04 Oct 2018 11:45:07 -0400
-
openvswitch (2.5.5-0ubuntu0.16.04.1) xenial; urgency=medium
* Bump nofiles to 1048576 for ovs daemons (LP: #1737866).
* d/watch: Update for upstream website changes.
* New upstream point release (LP: #1788103).
* d/p/CVE-2017-9214.patch: Dropped, included upstream.
-- James Page <email address hidden> Wed, 22 Aug 2018 09:36:55 +0100
-
openvswitch (2.5.4-0ubuntu0.16.04.1) xenial; urgency=medium
* New upstream point release (LP: #1726927):
- d/p/CVE-2017-9265.patch: Drop, included upstream.
-- James Page <email address hidden> Mon, 30 Oct 2017 10:38:01 +0000
-
openvswitch (2.5.2-0ubuntu0.16.04.3) xenial; urgency=medium
* d/openvswitch-switch.postinst: Do not modify
/etc/default/openvswitch-switch as this file is now managed
as a configuration file by dpkg (LP: #1723480).
-- Frode Nordahl <email address hidden> Tue, 17 Oct 2017 16:38:57 +0000
-
openvswitch (2.5.2-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: DoS while parsing OFPT_QUEUE_GET_CONFIG_REPLY message
- debian/patches/CVE-2017-9214.patch: properly check length in
lib/ofp-util.c.
- CVE-2017-9214
* SECURITY UPDATE: DoS while parsing OpenFlow role status message
- debian/patches/CVE-2017-9263.patch: don't abort on unknown reason in
lib/ofp-print.c.
- CVE-2017-9263
* SECURITY UPDATE: DoS while parsing group mod OpenFlow message
- debian/patches/CVE-2017-9265.patch: check length in lib/ofp-util.c.
- CVE-2017-9265
-- Marc Deslauriers <email address hidden> Thu, 24 Aug 2017 14:15:05 -0400
-
openvswitch (2.5.2-0ubuntu0.16.04.1) xenial; urgency=medium
* New upstream point release (LP: #1673063).
-- James Page <email address hidden> Wed, 15 Mar 2017 13:55:24 +0000
-
openvswitch (2.5.0-0ubuntu1) xenial; urgency=medium
* New upstream release.
-- James Page <email address hidden> Thu, 10 Mar 2016 14:09:14 +0000
-
openvswitch (2.5.0~git20160219.522aca6-0ubuntu3) xenial; urgency=medium
* d/rules,control,openvswitch-switch-dpdk.*: Install DPDK enabled binaries
into a new package (replacing the one from src:openvswitch-dpdk) rather
than shipping alongside the vanilla binaries (LP: #1550254).
* d/openvswitch-switch.*: Tidy up alternatives related to ovs-vswitchd-dpdk
in 2.5.0~git20160219.522aca6-0ubuntu2.
* d/tests/*: Refactor, exercise vanilla and dpdk enabled binaries where
possible.
-- James Page <email address hidden> Fri, 26 Feb 2016 12:39:27 +0000
-
openvswitch (2.5.0~git20160219.522aca6-0ubuntu2) xenial; urgency=medium
* [9c970b06] d/rules,*.manpages,*.install: Prepare for dual build.
* [f7dff3e7] DPDK enablement (LP: #1492186):
- d/p/system-dpdk.patch: Pick patch from openvswitch-dpdk to
support use with libdpdk-dev.
- d/control: Add DPDK dependencies for supported archs.
- d/rules: Build DPDK enabled binaries for supported archs.
- d/openvswitch-switch.p*: Install ovs-vswitch-dpdk binary as an
alternative.
- d/openvswitch-switch.README.Debian: Let users know how to use
the DPDK binary.
-- James Page <email address hidden> Wed, 24 Feb 2016 21:44:41 +0000
-
openvswitch (2.5.0~git20160219.522aca6-0ubuntu1) xenial; urgency=medium
* [7c4c30b] Imported upstream snapshot 2.5.0~git20160219.522aca6.
-- James Page <email address hidden> Fri, 19 Feb 2016 13:51:49 +0000
-
openvswitch (2.5.0~git20160129.46a88d9-0ubuntu1) xenial; urgency=medium
* [099b995] d/rules: Switch to 2.5 branch for snapshots.
* [aee4d60] Imported upstream snapshot 2.5.0~git20160129.46a88d9
* [b5d8f41] d/p/*: Refresh patches.
* [97855b9] d/control,ovn*: Sync packaging changes from upstream for
experimental OVN support.
* [5c2ef1d] d/*.init: Tidy up init.d-script-does-not-source-init-functions
lint.
* [f3434f7] d/control: Add dh-python to BD's.
* [81a7cca] d/control: Fixup breaks/replaces for upgrades.
* [c19cf60] d/*.init Ensure _SYSTEMCTL_SKIP_REDIRECT is set prior to
inclusion of init-functions.
* [a7d5430] d/openvswitch-switch.openvswitch-nonetwork.service: Pass
OVS_CTL_OPTS instead of OPTIONS to ovs-ctl on startup.
* [d19098f] d/p/ovs-ctl-dpdk.patch: Sort out tab/space formatting.
* [9e3989e] d/control: Add libcap-ng-dev to BD's to support running
ovs daemons as non-root users.
-- James Page <email address hidden> Fri, 29 Jan 2016 11:44:50 +0100
-
openvswitch (2.4.0-0ubuntu5) xenial; urgency=high
* Skip tests on s390x, for the same reason as powerpc see 1483572.
-- Dimitri John Ledkov <email address hidden> Tue, 26 Jan 2016 10:38:48 +0000
-
openvswitch (2.4.0-0ubuntu4) wily; urgency=medium
[ Arata Notsu ]
* Fix ifupdown hooks in cases where BRIDGE is not defined. (LP: #1314887)
-- Chris J Arges <email address hidden> Thu, 15 Oct 2015 15:03:34 -0500
