it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5319-1] openvswitch security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5319-1] openvswitch security update
Date: Fri, 13 Jan 2023 19:23:15 +0000
Authentication-results: mail.piratenpartei.de; dkim=none; dmarc=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
List-archive: https://lists.debian.org/msgid-search/Y8GvozCV7xS07dhu AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=zS6Fj8PfQSHjUquYD28shRIggboMvVMOHcyC/BcnbVQ=; b=AV 8nfZgVQzFozlstZET1GKb3wX2p3oBr3FlQ1RMCJLp1+N8H8Td09vCkF0PizBYhEGx/yP2HGO4NosV 03EQAPStGW8n9s5XJ2xQJpaozgvR+BLmLMHI3IrgUNcqDXgFBU2zkz+AXx0r7t+CZzLjvz7g7yr/g KPB/v3KJDygdl/Q2uFperexns35abRLZc7OwRNWGznMmUMezFAhhh9h4mVSvjn46PJyXjj2cMyTNp ec5JKvMcJn9KszjoLayGBajqf8AuT8bqAmWOWgLgESBA3dZuey/9rNCA1n3xphytsNx7EiijL8k7Y xZp4KHe4NhXIng11E0qC6xMMU0LfVDjQ==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Fri, 13 Jan 2023 19:23:57 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <2Hj9Sz4UAWN.A.skF.M_awjB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5319-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 13, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : openvswitch
CVE ID : CVE-2022-4337 CVE-2022-4338
Debian Bug : 1027273

Two vulnerabilities were discovered in the LLPD implementation of Open
vSwitch, software-based Ethernet virtual switch, which could result in
denial of service.

For the stable distribution (bullseye), these problems have been fixed in
version 2.15.0+ds1-2+deb11u2.

We recommend that you upgrade your openvswitch packages.

For the detailed security status of openvswitch please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openvswitch

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmPBrj0ACgkQEMKTtsN8
TjbVVw/+OXr/AQa61Y04slO3uhOLOa+llhszDFjIGlWFWlqMEg7CItYhqEdAf3nC
elZy2/wqtv4VIMrz8IW+qDWSMkitgjWqbmn3dG92VhcLFD3Dq1RGXg3B8x22MMtG
sBGYIfUPhDbG97NE4tqr2itN0ubl9Z8mnOFVv3D9eqxJT3df9WXMVZpX+jHiSMU3
uLLhHor9rRBWpu3DEW5Cc6jLLghuN2FS2FADiUtf5MLAUk7gR1CRqOQm+41yNoBP
qBF/C+OqJpHSitbVDtJjKacv/VUVgMzHt9Xf1gMNldLan9rO1MYkZaKkSuC+U5G5
Kpj55we0LM/zAKRVnGFPk6QQUWHSCMG4Ae4+pRAWBX7ofwY38C6sxhUS+C9vMYao
9sFZuWvKFElyQPgI/NVsUNDxYPGHRFxOXWgDyxDxNIBhf8s7QzgQBoegaaJ7A1LK
4lhUsG7xQ1dmJRsB8jtYXR8v/QBNvnoU+JG1yi8yUPfD+VvAgnulKpWy/u12EVZB
Rot9tG39oZO0ReDGk6g/fLyHFo74gCGsjNZCHUzuk3q+axJnAH1z9Ss2Qp3g6snB
o6Ku0ZxfN2hp4ylv/jXjNAP8jnQ3S94DJVZiJwlakzJD6J3pYdKzL7NWKuXhyjrA
mOdQJnpZSKLr546Av5tAqoXvHCvmfTWPdbvST7cFraWs2X2StpE=
=a4Zt
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5319-1] openvswitch security update, Moritz Muehlenhoff, 13.01.2023

Archiv bereitgestellt durch MHonArc 2.6.24.