[SECURITY] [DLA 3168-1] openvswitch security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3168-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
October 29, 2022 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : openvswitch
Version : 2.10.7+ds1-0+deb10u2
CVE ID : CVE-2022-32166
An issue has been found in openvswitch, a software-based, Ethernet
virtual switch.
This issue is about a heap buffer over-read in flow.c, which could lead
to access to an unmapped region of memory. This could result in crashing
the software, memory modification, or possible remote execution.
For Debian 10 buster, this problem has been fixed in version
2.10.7+ds1-0+deb10u2.
We recommend that you upgrade your openvswitch packages.
For the detailed security status of openvswitch please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openvswitch
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmNc6wJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEdKag//ceEp6nfuZSmcTeA1h4tiS8GhaYDyTy+HI/pgYs84ovjvJJQjtcQltOMz
qzu2LSevOXDwpTsdfGQos2hKbq7ZcYVucjmDOh66O0mW92Dis6ICreQJQ68mfFf+
57TmhyTl4bL21EFfIaNylsB7gEsjyykNGxOWYRDF+hX48zjNlOrFMWVCxSfJwQv9
j7Qc3ytdSwjrAWCF6v0mn7ijkHHjOhERKJ6jUbiUJ2NLi8bIarxWroTpnq8h/q7j
rOxIie+yu6RpgiiAV6XYwJqWCEIKdxCLhANbGLNVNUID7h+UeYNJkZMQhx1fqqPM
LxkKfVjBUdiFNRAp3NWYYDTqB3WJ6eugcfkCJgUWOlgbbGZ0dQVZY1CHYXhzmA6P
IpUE33KvfTYzkXbzYiisWY1U916TO0cbsD0EB76LTt/eRh3xM4nw1y2LyMB5YsQu
pYZAKbtXocCVm/JwOeULX0kOp8TT1doHoWAB8Bw+0GW81UyNqGC9JxwlrhF3DNWN
eJB4eJNeeds11vO2RvoiF7HDRfu6ffanPBmcWzz9E7jcyoQXERDAp2UtBqWCbdl9
wlfHs1o83+Hpd4FEslrXl7tBqfWNtrvoX8ixWRjQMFjZn28vjukgBkNO27gCMNb1
ujiQDDCeLYJRQ6X5f97JIK7uozKx3U9FFMbiyBBdUuxkiCbw37E=
=2XdP
-----END PGP SIGNATURE-----
Reply to: