-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 25 Feb 2024 15:10:01 +0100
Source: openvswitch
Binary: openvswitch-common openvswitch-dbg openvswitch-dev openvswitch-ipsec openvswitch-switch openvswitch-testcontroller openvswitch-vtep
Architecture: armel
Version: 2.15.0+ds1-2+deb11u5
Distribution: bullseye-security
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-04) <buildd_armhf-arm-ubc-04@buildd.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Description:
 openvswitch-common - Open vSwitch common components
 openvswitch-dbg - Debug symbols for Open vSwitch packages
 openvswitch-dev - Open vSwitch development package
 openvswitch-ipsec - Open vSwitch IPsec tunneling support
 openvswitch-switch - Open vSwitch switch implementations
 openvswitch-testcontroller - Simple controller for testing OpenFlow setups
 openvswitch-vtep - Open vSwitch VTEP utilities
Closes: 1063492
Changes:
 openvswitch (2.15.0+ds1-2+deb11u5) bullseye-security; urgency=medium
 .
   * CVE-2023-5366: A flaw was found in Open vSwitch that allows ICMPv6 Neighbor
     Advertisement packets between virtual machines to bypass OpenFlow rules.
     This issue may allow a local attacker to create specially crafted packets
     with a modified or spoofed target IP address field that can redirect ICMPv6
     traffic to arbitrary IP addresses. Added upstream patch: "Fix missing masks
     on a final stage with ports trie".
     Added additional patches that the LTS team added to fix this:
     - Cherry-pick additional patch adjust-segment-boundary.patch
       to fix test suite for the patch for this CVE.
     - Cherry-pick fix-testcase-ipv6-ND-dependency.patch to fix
       new test ipv6-ND-dependency (added by the previous patch)
   * CVE-2023-3966: Invalid memory access in Geneve with HW offload. Add
     upstream patches (Closes: #1063492):
     - Fix the mask for tunnel metadata length
     - Check geneve metadata length
   * CVE-2024-22563: openvswitch 2.17.8 was discovered to contain a memory leak
     via the function xmalloc__ in openvswitch-2.17.8/lib/util.c. Add upstream
     patch "Fix memory leak in ovs_pcap_open".
   * Blacklist unittest 21 - bpf decay, which isn't deterministic.
Checksums-Sha1:
 1d4c1d1b83b185451bab8ba7b5f07ec42b5843a6 1571740 openvswitch-common_2.15.0+ds1-2+deb11u5_armel.deb
 37fec7e123c7645b3c161624fe2d6220a46182bb 5085264 openvswitch-dbg_2.15.0+ds1-2+deb11u5_armel.deb
 9bc23963edf95057dbc88839ea0035c92ba84bb8 1345948 openvswitch-dev_2.15.0+ds1-2+deb11u5_armel.deb
 6f4127cdc566e919568adecd2fa2aed01f07959a 40792 openvswitch-ipsec_2.15.0+ds1-2+deb11u5_armel.deb
 ce37eab932b3546bedf52ba3464347ba2b623544 55408 openvswitch-switch_2.15.0+ds1-2+deb11u5_armel.deb
 ee3ffc748bea5d46b80e872650cdea9e551a4f04 42620 openvswitch-testcontroller_2.15.0+ds1-2+deb11u5_armel.deb
 1518430418313d56d766edeadfbb90c93c5126e0 41084 openvswitch-vtep_2.15.0+ds1-2+deb11u5_armel.deb
 eb359329fdc929fe95878d6ff5fecdce0c8d7949 11737 openvswitch_2.15.0+ds1-2+deb11u5_armel-buildd.buildinfo
Checksums-Sha256:
 56daaf533224776df9ce0d65d68870ee93a605509e6294c1162643658da4b164 1571740 openvswitch-common_2.15.0+ds1-2+deb11u5_armel.deb
 55224271036fd058216956a7ba3a0eaafc3569ef351ace35540e8e95702230f7 5085264 openvswitch-dbg_2.15.0+ds1-2+deb11u5_armel.deb
 2622d1dbd7dc272d7d385754f4435fd85f84922101c89f8caa86a921687243ee 1345948 openvswitch-dev_2.15.0+ds1-2+deb11u5_armel.deb
 ff5471c2de20cd1924d20685a65cccd10a1c94163dcc138d6503976a491ab9c9 40792 openvswitch-ipsec_2.15.0+ds1-2+deb11u5_armel.deb
 fd1baeb0e62671e92c4533d0593d87011731b834180d88867da85b4052c0d345 55408 openvswitch-switch_2.15.0+ds1-2+deb11u5_armel.deb
 df01413f40490d885655871f95f55e4d365a2907f4d0b1b6d409e411b71233b6 42620 openvswitch-testcontroller_2.15.0+ds1-2+deb11u5_armel.deb
 5e47d810959859767e36f11f19907e3cc43a3dbb1a98465cc885378d3b0e687b 41084 openvswitch-vtep_2.15.0+ds1-2+deb11u5_armel.deb
 efae047c277c985718db40c7540b5445e5dd059ddd3289f3b66a1a59db537e9f 11737 openvswitch_2.15.0+ds1-2+deb11u5_armel-buildd.buildinfo
Files:
 b4e519bf3cdadf5ec9fa90a96d7a09ca 1571740 net optional openvswitch-common_2.15.0+ds1-2+deb11u5_armel.deb
 0e2e5846d01f4c2d6f71545cf6e8c20f 5085264 debug optional openvswitch-dbg_2.15.0+ds1-2+deb11u5_armel.deb
 4753dc992ef7103130b071cd3b2abd5e 1345948 net optional openvswitch-dev_2.15.0+ds1-2+deb11u5_armel.deb
 c797b406ea32aef969c954e160b73f5c 40792 net optional openvswitch-ipsec_2.15.0+ds1-2+deb11u5_armel.deb
 4b85b4a250238eb036975e4a62557512 55408 net optional openvswitch-switch_2.15.0+ds1-2+deb11u5_armel.deb
 224360f7db19134391629be4e21e7da7 42620 net optional openvswitch-testcontroller_2.15.0+ds1-2+deb11u5_armel.deb
 ca65332751b961d94303490257f0f779 41084 net optional openvswitch-vtep_2.15.0+ds1-2+deb11u5_armel.deb
 7c13d55ad0cb93ad9284e50ab6d90662 11737 net optional openvswitch_2.15.0+ds1-2+deb11u5_armel-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEU5Ohx66NeEdc9V4jWTHLDRjMKsQFAmXxzNMACgkQWTHLDRjM
KsSaiA//dUPewjGWb8nJbV5pKjbDzCkoWCqffWadg1dHcGPdumZh5N7ZD91K9erm
Jtp6LVtyW54yrTlmXVEQmAnXPzV8XFHM005kPFNSoRvsApUXaOq6MN+jCXLxEAvo
Zhj7UcnU8vfsU6oLLKJfxxvum/cYfDjlo61fsnDOenaosEFWh+jwdK++B9/vzUsX
QyC82/ML0SwmGqaJdoNKeeAVZ+SRy0YYeywFPhb20cTv+RWicO8vK2h5dtAqm9de
FNYUPRkoiA5npyplo8UmgdXhsIlWE2Ad/hJFimYACJEmaPCdJD5K2E1mHefpaytg
yjTDISLHkzmbjcanZpy8IkzaQjWRETxJmr17XpmdWOxggX37oz423kWQ9dAUCJxX
AB0i7NrpT1pKDNf+thjTkfChqKFUxbD+arsCasvgNeSX7GlI7kOv2XTDs6sVwj8r
To2j/5wyjmfJlW/X/WWFO/1Oq6bor+1/7OTAvBk50Cb4Zvy+YCafAgdBVW/xbN8Z
JuIvFko6GJ7c4BuBKoHnwwdKL9WK4bREAf/cpy1nElOFh05T2/5cYJtqPechmhhu
LPHplBSoD6ulYhWyYruC22lgVXBRdY7G10xyay/vcF+KyhkItmfE78w6o1x2tFNC
o7A4fOK2SwetjBT3TFur47c5N3RBvPRhVbeiGrICKxMJ4gXlgoc=
=PaST
-----END PGP SIGNATURE-----