-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 18 Feb 2024 16:46:26 +0100 Source: openvswitch Binary: openvswitch-doc openvswitch-pki openvswitch-source openvswitch-test Architecture: all Version: 3.1.0-2+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Thomas Goirand Description: openvswitch-doc - Open vSwitch documentation openvswitch-pki - Open vSwitch public key infrastructure dependency package openvswitch-source - Open vSwitch source code openvswitch-test - Open vSwitch test package Closes: 1063492 Changes: openvswitch (3.1.0-2+deb12u1) bookworm-security; urgency=medium . * CVE-2023-5366: A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. Added upstream patch: "Fix missing masks on a final stage with ports trie". * CVE-2023-3966: Invalid memory access in Geneve with HW offload. Added upstream patch: netdev-offload-tc: Check geneve metadata length (Closes: #1063492). Checksums-Sha1: f2d7723a83b9a5b2438e03b6025f3593b9fdc779 1078204 openvswitch-doc_3.1.0-2+deb12u1_all.deb bb9f4ece0ce42e25b5b367da962feef184ab44e8 22268 openvswitch-pki_3.1.0-2+deb12u1_all.deb ba207a80e643757bdc4e90da8605f056e493419b 7731580 openvswitch-source_3.1.0-2+deb12u1_all.deb 24808e7f44a11c38362843e6fe1ab4690413eddc 55960 openvswitch-test_3.1.0-2+deb12u1_all.deb 081862845e06a72b423d86ecbea51459cdcb459e 20363 openvswitch_3.1.0-2+deb12u1_all-buildd.buildinfo Checksums-Sha256: a47f64b3c3732f28b026ba9298e635ab5c31accaee50e26e935b1bee45ac3b13 1078204 openvswitch-doc_3.1.0-2+deb12u1_all.deb b1dc9cd072d681a70d39519a8d1c9d6ccdee27cbdb20fb736324f3ecd4c4165b 22268 openvswitch-pki_3.1.0-2+deb12u1_all.deb da7b7d8765447e7359a80b77caf1edc51a465bd7b34c487331d85fdbc0213502 7731580 openvswitch-source_3.1.0-2+deb12u1_all.deb c040321814d6405c1a714c948208c39df5fc8a91cf2a7ac7ec545a92d841acdd 55960 openvswitch-test_3.1.0-2+deb12u1_all.deb ad70dd3e1ef41592c35fae2f6ab7ba9ecd02cb3c4d33e188671a140adc58f88b 20363 openvswitch_3.1.0-2+deb12u1_all-buildd.buildinfo Files: 5d9f1c17d71a7e1f69a1f5b17c85d04b 1078204 doc optional openvswitch-doc_3.1.0-2+deb12u1_all.deb 0c3008f02c8731690c8d8769275bc874 22268 net optional openvswitch-pki_3.1.0-2+deb12u1_all.deb d9aad8295363a41910690739ee6495a6 7731580 net optional openvswitch-source_3.1.0-2+deb12u1_all.deb 66d2ada45f3b207a0015a20d91b84fd1 55960 net optional openvswitch-test_3.1.0-2+deb12u1_all.deb c9d8cb28185ecaa07ecae773bad3cff9 20363 net optional openvswitch_3.1.0-2+deb12u1_all-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEzW1K1578DQd6MDTQEbLkkg2OS0oFAmXxxVAACgkQEbLkkg2O S0rXSA//U9PSkYiw8c67vBt54+YfZCmdxzGBaGNVEzxqBS/Z4Xo99gOnRy79o3Iw rFgI5Jj+uD9iK2n5R/5wrhxuOhowId3mCoXcUvPtns03RdsNL85hm9H5H4Z1ZQmC mTkjruFGu3H6prsRM86AqrFVi1gBsLZ0EmWmQSoqjh24YZDFYXlSxpIHA/ii9k/P GCxmoya9l1Ol1k69JXJjzsjzC5hFGmRmYCv2DGzuQKgRzhqViSZvsOgm81VQeCKc PtSGDHrJ5wkDohs+cjJt4FEUxC0/BJnI2YoePhKfzDkjqT/qtPj39men8Dyl6s5n LLHco3LvohRTfkUI5QHIuvmOPh97g/tbiuN5xpi9yNx0NF96DbmNraLJXeDtjpjk yVVQXAb/3MIEg7NFDUe46AOCwoGZL0Selzu6oN1YnHP4rF9CJWsk/2swLKdDwEq/ sP0xv5Irw1hBvR2DzZnzyI0Wq6cVgr4nxeJkbcDxAuqVgwx/x5QA+U4v9k4uQJwW Lw5YIg+ndx6TSo97U844pXdBrPYKMJ4DJ7uFjOgX7Nso80W+bEwyRI3n1BodImx1 tECDcXdXmA3UL9yoSbY3EZ/BCJFlnsBBqw4e9n/Uw5TtW0fZxOYL5Xb/ZpBO+cQQ JZLHVzv9mt/AYvSykzqi/BaBBJfjLgcVSs271I42TWil24QRPL0= =AIdm -----END PGP SIGNATURE-----