Overview

File _patchinfo of Package patchinfo.17066

<patchinfo incident="17066">
 <issue tracker="bnc" id="1117483">openvswitch: please consider dropping the use of DISABLE_STOP_ON_REMOVAL/DISABLE_RESTART_ON_UPDATE</issue>
  <issue tracker="bnc" id="1181345">VUL-0: CVE-2020-27827: openvswitch: memory leak while parsing lldp packets</issue>
  <issue tracker="cve" id="2020-27827"/>
  <packager>jaicaa</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for openvswitch</summary>
  <description>This update for openvswitch fixes the following issues:
	  
- openvswitch was updated to 2.5.11 
- CVE-2020-27827: Fixed a memory leak when parsing lldp packets (bsc#1181345)	  
- datapath: Clear the L4 portion of the key for "later" fragments
- datapath: Properly set L4 keys on "later" IP fragments
- ofproto-dpif: Fix using uninitialised memory in user_action_cookie.
- stream-ssl: Fix crash on NULL private key and valid certificate.
- datapath: fix flow actions reallocation
</description>      
</patchinfo>
openSUSE Build Service is sponsored by
Places