SUSE-SU-2021:0300-1

Опубликовано: 03 фев. 2021

Источник: suse-cvrf

Описание

Security update for openvswitch

This update for openvswitch fixes the following issues:

openvswitch was updated to 2.11.5
CVE-2020-27827: Fixed a memory leak when parsing lldp packets (bsc#1181345)

Список пакетов

SUSE Enterprise Storage 6

libopenvswitch-2_11-0-2.11.5-3.12.1

openvswitch-2.11.5-3.12.1

openvswitch-devel-2.11.5-3.12.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

libopenvswitch-2_11-0-2.11.5-3.12.1

openvswitch-2.11.5-3.12.1

openvswitch-devel-2.11.5-3.12.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

libopenvswitch-2_11-0-2.11.5-3.12.1

openvswitch-2.11.5-3.12.1

openvswitch-devel-2.11.5-3.12.1

SUSE Linux Enterprise Module for Package Hub 15 SP2

python2-ovs-2.11.5-3.12.1

SUSE Linux Enterprise Server 15 SP1-BCL

libopenvswitch-2_11-0-2.11.5-3.12.1

openvswitch-2.11.5-3.12.1

openvswitch-devel-2.11.5-3.12.1

SUSE Linux Enterprise Server 15 SP1-LTSS

libopenvswitch-2_11-0-2.11.5-3.12.1

openvswitch-2.11.5-3.12.1

openvswitch-devel-2.11.5-3.12.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

libopenvswitch-2_11-0-2.11.5-3.12.1

openvswitch-2.11.5-3.12.1

openvswitch-devel-2.11.5-3.12.1

SUSE Manager Proxy 4.0

libopenvswitch-2_11-0-2.11.5-3.12.1

openvswitch-2.11.5-3.12.1

openvswitch-devel-2.11.5-3.12.1

SUSE Manager Retail Branch Server 4.0

libopenvswitch-2_11-0-2.11.5-3.12.1

openvswitch-2.11.5-3.12.1

openvswitch-devel-2.11.5-3.12.1

SUSE Manager Server 4.0

libopenvswitch-2_11-0-2.11.5-3.12.1

openvswitch-2.11.5-3.12.1

openvswitch-devel-2.11.5-3.12.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20210300-1/
Link for SUSE-SU-2021:0300-1
https://lists.suse.com/pipermail/sle-security-updates/2021-February/008270.html
E-Mail link for SUSE-SU-2021:0300-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1117483
SUSE Bug 1117483
https://bugzilla.suse.com/1181345
SUSE Bug 1181345
https://www.suse.com/security/cve/CVE-2020-27827/
SUSE CVE CVE-2020-27827 page

Описание

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

Затронутые продукты

SUSE Enterprise Storage 6:libopenvswitch-2_11-0-2.11.5-3.12.1

SUSE Enterprise Storage 6:openvswitch-2.11.5-3.12.1

SUSE Enterprise Storage 6:openvswitch-devel-2.11.5-3.12.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libopenvswitch-2_11-0-2.11.5-3.12.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-27827.html
CVE-2020-27827
https://bugzilla.suse.com/1181345
SUSE Bug 1181345

SUSE-SU-2021:0300-1

Описание

Список пакетов

SUSE Enterprise Storage 6

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise Module for Package Hub 15 SP2

SUSE Linux Enterprise Server 15 SP1-BCL

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

SUSE Manager Proxy 4.0

SUSE Manager Retail Branch Server 4.0

SUSE Manager Server 4.0

Ссылки

Уязвимость: CVE-2020-27827

Описание

Затронутые продукты

Ссылки