[Bug 2053113] Re: Insufficient validation of incoming BFD packets.
This bug was fixed in the package ovn - 24.03.1-2ubuntu1~cloud0 --- ovn (24.03.1-2ubuntu1~cloud0) jammy-caracal; urgency=medium . * New upstream release for the Ubuntu Cloud Archive. . ovn (24.03.1-2ubuntu1) noble; urgency=medium . * d/rules: Fix check for ovs populated from openvswitch-source. * d/t/control: Add missing architecture restrictions for openvswitch-switch-dpdk. * d/t/run-tests.sh: Fix autopkgtest for binary packages (LP: #2057998). . ovn (24.03.1-2) unstable; urgency=medium . * Team upload. * d/t/run-tests.sh: Fix typo in autopkgtest script. * d/rules: Skip tests deemed unstable by upstream. * d/skip-tests.txt: Add flaky test to the skip-list. . ovn (24.03.1-1) unstable; urgency=medium . * Team upload. * d/tests: Run system test suites for autopkgtest. * Update upstream source from tag 'upstream/24.03.1'. - CVE-2024-2182: Fix insufficient validation of incoming BFD packets (LP: #2053113). . ovn (24.03.0-1) unstable; urgency=medium . * Team upload. * Update upstream source from tag 'upstream/24.03.0'. * d/control: Replace pkg-config with pkgconf as build dependency. * d/control: Update openvswitch-source build dependency. ** Changed in: cloud-archive Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2053113 Title: Insufficient validation of incoming BFD packets. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2053113/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2053113] Re: Insufficient validation of incoming BFD packets.
@cvalean - yep - I've just push these updates into ovn-22.03 proposed; as we work through testing they will get released to the updates pocket as well. ** Also affects: cloud-archive/ovn-22.03 Importance: Undecided Status: New ** Changed in: cloud-archive/ovn-22.03 Status: New => Fix Committed ** Changed in: cloud-archive/ovn-22.03 Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2053113 Title: Insufficient validation of incoming BFD packets. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2053113/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2053113] Re: Insufficient validation of incoming BFD packets.
** Changed in: cloud-archive Status: Invalid => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2053113 Title: Insufficient validation of incoming BFD packets. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2053113/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2053113] Re: Insufficient validation of incoming BFD packets.
Hi James, We are using ovn 22.03 on top of focal from this repo [0] which seems to not have been updated to have the fix for the CVE described here. Would it be possible for that to get an update as well? Thank you! [0] http://ubuntu-cloud.archive.canonical.com/ubuntu/dists/focal- updates/ovn-22.03/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2053113 Title: Insufficient validation of incoming BFD packets. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2053113/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2053113] Re: Insufficient validation of incoming BFD packets.
I've uploaded both UCA only updates to the staging area for the associated release series. ** Information type changed from Private Security to Public Security ** Changed in: ovn (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2053113 Title: Insufficient validation of incoming BFD packets. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2053113/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs