-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 03 Oct 2022 12:59:27 +0200 Source: openvswitch Architecture: source Version: 2.15.0+ds1-2+deb11u2 Distribution: bullseye-security Urgency: medium Maintainer: Debian OpenStack <team+openst...@tracker.debian.org> Changed-By: Thomas Goirand <z...@debian.org> Closes: 1027273 Changes: openvswitch (2.15.0+ds1-2+deb11u2) bullseye-security; urgency=medium . * Fix ovs-dpctl-top by removing 3 wrong hunks in py3-compat.patch. * CVE-2022-4337 & CVE-2022-4338: Out-of-Bounds Read and Integer Underflow in Organization Specific TLV. Added upstream patches (Closes: #1027273). Checksums-Sha1: a3027ea346e4cdbc1b771d3323b7802d89bfbd72 3180 openvswitch_2.15.0+ds1-2+deb11u2.dsc 23e1e6493c66a7af4b454c473c34f1ed5de4b9cf 3721240 openvswitch_2.15.0+ds1.orig.tar.xz e8514245add5f997f81832cb9bd321e3b492bf70 54040 openvswitch_2.15.0+ds1-2+deb11u2.debian.tar.xz ed95acd0db0935ad1b5fc381752265ff642e47fc 21970 openvswitch_2.15.0+ds1-2+deb11u2_amd64.buildinfo Checksums-Sha256: 6b9af72d052ed38cc35e309bca041e896d8859022b8f4b599d03b103e6114e1d 3180 openvswitch_2.15.0+ds1-2+deb11u2.dsc 801aeb7e4135f20ebb965df47527ce1118da25ac143a975113f4f0d2c7be62ab 3721240 openvswitch_2.15.0+ds1.orig.tar.xz fb5580da1365fd9bbb1de0d1b17d6b0027b5659daa64eae8adebb908f423757d 54040 openvswitch_2.15.0+ds1-2+deb11u2.debian.tar.xz 4e5e33bac7f768e0601fb43da81a332d5a10a368c3f46b3e07e1db3a6502138b 21970 openvswitch_2.15.0+ds1-2+deb11u2_amd64.buildinfo Files: 4322b65be1e8c2db43401253240cea24 3180 net optional openvswitch_2.15.0+ds1-2+deb11u2.dsc 534a718be0dac829f71f02bc4e89fe1f 3721240 net optional openvswitch_2.15.0+ds1.orig.tar.xz 024a68141a69d72c59aa854a4c681af6 54040 net optional openvswitch_2.15.0+ds1-2+deb11u2.debian.tar.xz d940001372210fbb4926a4d8aa5e7a03 21970 net optional openvswitch_2.15.0+ds1-2+deb11u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmPBEIwACgkQ1BatFaxr Q/4NHRAAj6txhSM5hwkldU/hMT/wNuPKSqndZy2FC4TrDXfzYGDUfROZk6x5ClKr ozIZ/nsMBViJVTXPybhrNJnFhALW/CY3nLNuLbqqxkFfHZAqrHLdJf9qclBTvChd i6RO/xnNzip9KmrfNA+8WSpgfK7Vuq46qIxKxKrix7VSq/V5297oYzS7kkFCzEBg gaDQ84F66ByL/Mi7fWHwu1dhpKCJMRR1kU9bniwbTr4pyYQCznXPO2+qDMtFjoeP NH1IewlZggTIpvgYrU2qkHOIB4V6S9KoXgeYpxGnzLFYM0KGeN+upKL5rEApJEKu +kh4jfIiS8x9BueNIe05BraFkP4h+/GYWwZ0pyi5UGy90wrmYQqcMIXcH2YXUk1e 4YL7i2iWyr6yy/HHZbr4qKpba5W835aCWiKKO7f6qzvEaoWHsWDGjyQTawefJTeN 04amnzLvIcrHeIRC3tUrF2ZXLKA1eF/Z93hM/7CrMuRHMvofscZNP+v4/bhdDz2g PeAF3z1j2etfRuL5GbBWeTH84uJ6SJC6S6QwHx+J/oaPy/CpAXB7O9KndYJuGnXw ZkM3zj0QbNBh44Q4HNY1ZtR6jwacXyOu0hZRdyAggfbHsE/vaKLIgWwA+2Y0qqki I2ghdMoswWBWl9zRxpnvvvdz+IpZ6cNM8AKAPJq7G+09d78iiWM= =n07G -----END PGP SIGNATURE-----