Описание
Security update for openvswitch3
This update for openvswitch3 fixes the following issues:
- CVE-2023-3153: Fixed service monitor MAC flow is not rate limited (bsc#1212125).
Список пакетов
SUSE Linux Enterprise Module for Server Applications 15 SP5
libopenvswitch-3_1-0-3.1.0-150500.3.6.2
libovn-23_03-0-23.03.0-150500.3.6.2
openvswitch3-3.1.0-150500.3.6.2
openvswitch3-devel-3.1.0-150500.3.6.2
openvswitch3-ipsec-3.1.0-150500.3.6.2
openvswitch3-pki-3.1.0-150500.3.6.2
openvswitch3-test-3.1.0-150500.3.6.2
openvswitch3-vtep-3.1.0-150500.3.6.2
ovn3-23.03.0-150500.3.6.2
ovn3-central-23.03.0-150500.3.6.2
ovn3-devel-23.03.0-150500.3.6.2
ovn3-docker-23.03.0-150500.3.6.2
ovn3-host-23.03.0-150500.3.6.2
ovn3-vtep-23.03.0-150500.3.6.2
python3-ovs3-3.1.0-150500.3.6.2
openSUSE Leap 15.5
libopenvswitch-3_1-0-3.1.0-150500.3.6.2
libovn-23_03-0-23.03.0-150500.3.6.2
openvswitch3-3.1.0-150500.3.6.2
openvswitch3-devel-3.1.0-150500.3.6.2
openvswitch3-doc-3.1.0-150500.3.6.2
openvswitch3-ipsec-3.1.0-150500.3.6.2
openvswitch3-pki-3.1.0-150500.3.6.2
openvswitch3-test-3.1.0-150500.3.6.2
openvswitch3-vtep-3.1.0-150500.3.6.2
ovn3-23.03.0-150500.3.6.2
ovn3-central-23.03.0-150500.3.6.2
ovn3-devel-23.03.0-150500.3.6.2
ovn3-doc-23.03.0-150500.3.6.2
ovn3-docker-23.03.0-150500.3.6.2
ovn3-host-23.03.0-150500.3.6.2
ovn3-vtep-23.03.0-150500.3.6.2
python3-ovs3-3.1.0-150500.3.6.2
Ссылки
- Link for SUSE-SU-2023:3710-1
- E-Mail link for SUSE-SU-2023:3710-1
- SUSE Security Ratings
- SUSE Bug 1212125
- SUSE CVE CVE-2023-3152 page
- SUSE CVE CVE-2023-3153 page
Описание
A vulnerability classified as critical has been found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\posts\view_post.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-231021 was assigned to this vulnerability.
Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP5:libopenvswitch-3_1-0-3.1.0-150500.3.6.2
SUSE Linux Enterprise Module for Server Applications 15 SP5:libovn-23_03-0-23.03.0-150500.3.6.2
SUSE Linux Enterprise Module for Server Applications 15 SP5:openvswitch3-3.1.0-150500.3.6.2
SUSE Linux Enterprise Module for Server Applications 15 SP5:openvswitch3-devel-3.1.0-150500.3.6.2
Ссылки
- CVE-2023-3152
Описание
A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.
Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP5:libopenvswitch-3_1-0-3.1.0-150500.3.6.2
SUSE Linux Enterprise Module for Server Applications 15 SP5:libovn-23_03-0-23.03.0-150500.3.6.2
SUSE Linux Enterprise Module for Server Applications 15 SP5:openvswitch3-3.1.0-150500.3.6.2
SUSE Linux Enterprise Module for Server Applications 15 SP5:openvswitch3-devel-3.1.0-150500.3.6.2
Ссылки
- CVE-2023-3153
- SUSE Bug 1212125