Format: 1.8
Date: Sun, 25 Feb 2024 15:10:01 +0100
Source: openvswitch
Binary: openvswitch-common openvswitch-dbg openvswitch-dev openvswitch-ipsec openvswitch-switch openvswitch-testcontroller openvswitch-vtep
Architecture: mips64el
Version: 2.15.0+ds1-2+deb11u5
Distribution: bullseye-security
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-osuosl-04)
Changed-By: Thomas Goirand
Description:
 openvswitch-common - Open vSwitch common components
 openvswitch-dbg - Debug symbols for Open vSwitch packages
 openvswitch-dev - Open vSwitch development package
 openvswitch-ipsec - Open vSwitch IPsec tunneling support
 openvswitch-switch - Open vSwitch switch implementations
 openvswitch-testcontroller - Simple controller for testing OpenFlow setups
 openvswitch-vtep - Open vSwitch VTEP utilities
Closes: 1063492
Changes:
 openvswitch (2.15.0+ds1-2+deb11u5) bullseye-security; urgency=medium
 .
   * CVE-2023-5366: A flaw was found in Open vSwitch that allows ICMPv6
     Neighbor Advertisement packets between virtual machines to bypass
     OpenFlow rules. This issue may allow a local attacker to create
     specially crafted packets with a modified or spoofed target IP address
     field that can redirect ICMPv6 traffic to arbitrary IP addresses.
     Added upstream patch: "Fix missing masks on a final stage with ports
     trie". Added additional patches that the LTS team added to fix this:
     - Cherry-pick additional patch adjust-segment-boundary.patch to fix
       test suite for the patch for this CVE.
     - Cherry-pick fix-testcase-ipv6-ND-dependency.patch to fix new test
       ipv6-ND-dependency (added by the previous patch)
   * CVE-2023-3966: Invalid memory access in Geneve with HW offload.
     Add upstream patches (Closes: #1063492):
     - Fix the mask for tunnel metadata length
     - Check geneve metadata length
   * CVE-2024-22563: openvswitch 2.17.8 was discovered to contain a memory
     leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.
     Add upstream patch "Fix memory leak in ovs_pcap_open".
   * Blacklist unittest 21 - bpf decay, which isn't deterministic.