ALT-BU-2023-3434-1
Branch sisyphus_mipsel update bulletin.
Package openvswitch updated to version 2.17.6-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
BDU:2023-00290
Vulnerability in the Open vSwitch software multilayer switch, related to an integer underflow, allowing an attacker to execute arbitrary code on the target system
BDU:2023-00291
Vulnerability in the Open vSwitch software multilayer switch, related to an integer underflow, allowing an attacker to execute arbitrary code on the target system
Modified: 2024-11-21
CVE-2019-25076
The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack.
- https://arxiv.org/abs/2011.09107
- https://dl.acm.org/citation.cfm?doid=3359989.3365431
- https://sites.google.com/view/tuple-space-explosion
- https://www.youtube.com/watch?v=5cHpzVK0D28
- https://www.youtube.com/watch?v=DSC3m-Bww64
Modified: 2024-11-21
CVE-2021-3905
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by continuously sending packet fragments.
- https://access.redhat.com/security/cve/CVE-2021-3905
- https://bugzilla.redhat.com/show_bug.cgi?id=2019692
- https://github.com/openvswitch/ovs/commit/803ed12e31b0377c37d7aa8c94b3b92f2081e349
- https://github.com/openvswitch/ovs-issues/issues/226
- GLSA-202311-16
- https://ubuntu.com/security/CVE-2021-3905
Modified: 2024-11-21
CVE-2022-4337
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
- https://github.com/openvswitch/ovs/pull/405
- https://mail.openvswitch.org/pipermail/ovs-dev/2022-December/400596.html
- GLSA-202311-16
- DSA-5319
- https://www.openwall.com/lists/oss-security/2022/12/21/4
Modified: 2024-11-21
CVE-2022-4338
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
- https://github.com/openvswitch/ovs/pull/405
- https://mail.openvswitch.org/pipermail/ovs-dev/2022-December/400596.html
- GLSA-202311-16
- DSA-5319
- https://www.openwall.com/lists/oss-security/2022/12/21/4
Modified: 2024-11-21
CVE-2023-1668
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a non-zero IP protocol that match this dp flow.
- https://bugzilla.redhat.com/show_bug.cgi?id=2137666
- [debian-lts-announce] 20230501 [SECURITY] [DLA 3410-1] openvswitch security update
- FEDORA-2023-7da03dc2ae
- GLSA-202311-16
- DSA-5387
- https://www.openwall.com/lists/oss-security/2023/04/06/1
Package alterator-auth updated to version 0.44.2-alt1 for branch sisyphus_mipsel.
Closed bugs
Specifying the OS version when joining an Active Directory domain
Package alterator-sysconfig updated to version 1.3.10-alt1 for branch sisyphus_mipsel.
Closed bugs
Cannot handle a url-encoded http_proxy variable
Package make-initrd-bootchain updated to version 0.1.5-alt16 for branch sisyphus_mipsel.
Closed bugs
rdshell is activated on timeout
Package appinstall updated to version 1.4.0-alt1 for branch sisyphus_mipsel.
Closed bugs
No whitelist
The list of installed applications is not saved in App Install.
Installed programs are displayed incorrectly in App Install.
Slow to start on systems with KDE
Package kernelshark updated to version 2.2.0-alt2 for branch sisyphus_mipsel.
Closed bugs
Missing dependency on trace-cmd