[Git][security-tracker-team/security-tracker][master] openvswitch DSA

Thu, 14 Mar 2024 06:21:16 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5e98d947 by Moritz Mühlenhoff at 2024-03-14T14:20:15+01:00
openvswitch DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -12380,7 +12380,7 @@ CVE-2024-22876 (StrangeBee TheHive 5.1.0 to 5.1.9 and 
5.2.0 to 5.2.8 is vulnerab
        NOT-FOR-US: StrangeBee TheHive
 CVE-2024-22563 (openvswitch 2.17.8 was discovered to contain a memory leak via 
the fun ...)
        - openvswitch 2.17.2-4
-       [bullseye] - openvswitch <no-dsa> (Minor issue)
+       [bullseye] - openvswitch 2.15.0+ds1-2+deb11u5
        [buster] - openvswitch <not-affected> (Vulnerable code introduced later)
        NOTE: https://github.com/openvswitch/ovs-issues/issues/315
        NOTE: 
https://github.com/openvswitch/ovs/commit/3168f328c78cf6e4b3022940452673b0e49f7620
 (v2.17.0)
@@ -32079,8 +32079,6 @@ CVE-2023-33268 (An issue was discovered in DTS 
Monitoring 3.57.0. The parameter
 CVE-2023-5366 (A flaw was found in Open vSwitch that allows ICMPv6 Neighbor 
Advertise ...)
        {DLA-3734-1}
        - openvswitch 3.1.2-1
-       [bookworm] - openvswitch <no-dsa> (Minor issue)
-       [bullseye] - openvswitch <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2006347
        NOTE: 
https://github.com/openvswitch/ovs/commit/694c7b4e097c4d89e23ea9b3c7b677b4fcbe0459
 (v3.1.2)
        NOTE: 
https://github.com/openvswitch/ovs/commit/489553b1c21692063931a9f50b6849b23128443c
 (v3.2.0)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[14 Mar 2024] DSA-5640-1 openvswitch - security update
+       {CVE-2023-3966 CVE-2023-5366}
+       [bullseye] - openvswitch 2.15.0+ds1-2+deb11u5
+       [bookworm] - openvswitch 3.1.0-2+deb12u1
 [13 Mar 2024] DSA-5639-1 chromium - security update
        {CVE-2024-2400}
        [bookworm] - chromium 122.0.6261.128-1~deb12u1


=====================================
data/dsa-needed.txt
=====================================
@@ -54,9 +54,6 @@ nodejs
 --
 opennds/stable
 --
-openvswitch (jmm)
-  Maintainer sent debdiff for CVE-2023-3966, but there are other CVE fixes 
which might be piggy backed.
---
 php-cas/oldstable
 --
 php-dompdf-svg-lib/stable



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e98d947f346241b5513a6c70629e8ec73a1b55b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e98d947f346241b5513a6c70629e8ec73a1b55b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to