You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa openvswitch

Sigurnosni nedostaci programskog paketa openvswitch

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2017-10-16 15:51:47.722264

Name : openvswitch
Product : Fedora 26
Version : 2.7.3
Release : 2.fc26
Summary : Open vSwitch daemon/database/utilities
Description :
Open vSwitch provides standard network bridging functions and
support for the OpenFlow protocol for remote per-flow control of

Update Information:

Add a symlink of the OCF script in the OCF resources folder —- Updated to
Open vSwitch 2.7.3 and DPDK 16.11.3 for CVE-2017-14970 —- Security fix for
CVE-2017-9263, CVE-2017-9265 —- Updated to Open vSwitch 2.7.1 and DPDK
16.11.2 (#1468234)

[ 1 ] Bug #1497966 – CVE-2017-14970 openvswitch: Multiple memory leaks in lib/ofp-util.c while parsing malformed OpenFlow group mod messages
[ 2 ] Bug #1457327 – CVE-2017-9263 openvswitch: Invalid processing of a malicious OpenFlow role status message
[ 3 ] Bug #1457335 – CVE-2017-9265 openvswitch: Buffer over-read while parsing the group mod OpenFlow message

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade openvswitch’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorDanijel Kozinovic
Cert idNCERT-REF-2017-10-0114-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa curl

Otkriven je sigurnosni nedostatak u programskom paketu curl za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja....