Publishing details
Changelog
neutron (2:12.1.1-0ubuntu8.1~cloud0) xenial-queens; urgency=medium
* New update for the Ubuntu Cloud Archive.
neutron (2:12.1.1-0ubuntu8.1) bionic-security; urgency=medium
* SECURITY UPDATE: IPv6 impersonation in Open vSwitch firewall rules
- debian/patches/CVE-2021-20267-1.patch: allow egress ICMPv6 only for
known addresses in
doc/source/contributor/internals/openvswitch_firewall.rst,
neutron/agent/linux/openvswitch_firewall/firewall.py,
neutron/tests/unit/agent/linux/openvswitch_firewall/test_firewall.py.
- debian/patches/CVE-2021-20267-2.patch: restrict IPv6 NA and DHCP(v6)
IP and MAC source addresses in neutron/agent/firewall.py,
neutron/agent/linux/openvswitch_firewall/firewall.py,
neutron/tests/unit/agent/linux/openvswitch_firewall/test_firewall.py.
- CVE-2021-20267
* SECURITY UPDATE: hardware address impersonation with ebtables-nft
- debian/patches/CVE-2021-38598.patch: make ARP protection commands
compatible with "ebtables-nft" in
neutron/plugins/ml2/drivers/linuxbridge/agent/arp_protect.py,
neutron/tests/unit/plugins/ml2/drivers/linuxbridge/agent/test_arp_protect.py.
- CVE-2021-38598
* SECURITY UPDATE: dnsmasq reconfiguration issue
- debian/patches/CVE-2021-40085.patch: remove dhcp_extra_opt value
after first newline character in neutron/agent/linux/dhcp.py,
neutron/tests/unit/agent/linux/test_dhcp.py.
- CVE-2021-40085
* SECURITY UPDATE: memory consumption via API requests
- debian/patches/CVE-2021-40797.patch: don't use singleton in
routes.middleware.RoutesMiddleware in neutron/api/extensions.py.
- CVE-2021-40797
* SECURITY UPDATE: uncontrolled resource consumption flaw
- debian/patches/CVE-2022-3277.patch: do not allow a tenant to create a
default SG for another one in neutron/db/securitygroups_db.py,
neutron/tests/unit/db/test_securitygroups_db.py.
- CVE-2022-3277
-- Openstack Ubuntu Testing Bot <email address hidden> Tue, 26 Sep 2023 13:09:38 +0000
Builds
Built packages
-
neutron-common
Neutron is a virtual network service for Openstack - common
-
neutron-dhcp-agent
Neutron is a virtual network service for Openstack - DHCP agent
-
neutron-l3-agent
Neutron is a virtual network service for Openstack - l3 agent
-
neutron-linuxbridge-agent
Neutron is a virtual network service for Openstack - linuxbridge agent
-
neutron-macvtap-agent
Neutron is a virtual network service for Openstack - Macvtap L2 Agent
-
neutron-metadata-agent
Neutron is a virtual network service for Openstack - metadata agent
-
neutron-metering-agent
Neutron is a virtual network service for Openstack - metering agent
-
neutron-openvswitch-agent
Neutron is a virtual network service for Openstack - Open vSwitch plugin agent
-
neutron-plugin-linuxbridge-agent
Transitional package for neutron-linuxbridge-agent
-
neutron-plugin-ml2
Neutron is a virtual network service for Openstack - ML2 plugin
-
neutron-plugin-openvswitch-agent
Transitional package for neutron-openvswitch-agent
-
neutron-plugin-sriov-agent
Transitional package for neutron-sriov-agent
-
neutron-server
Neutron is a virtual network service for Openstack - server
-
neutron-sriov-agent
Neutron is a virtual network service for Openstack - SR-IOV agent
-
python-neutron
Neutron is a virtual network service for Openstack - Python library
Package files