FEDORA-2020-04e3d34451 created by nhorman 3 months ago for Fedora 32
stable

Fix cvws CVE-2020-10726,CVE-2020-10724,CVE-2020-10723,CVE-2020-10722,CVE-2020-10725

How to install

sudo dnf upgrade --advisory=FEDORA-2020-04e3d34451

This update has been submitted for testing by nhorman.

3 months ago

This update's test gating status has been changed to 'waiting'.

3 months ago

This update's test gating status has been changed to 'ignored'.

3 months ago

This update has been pushed to testing.

3 months ago

This update can be pushed to stable now if the maintainer wishes

3 months ago

This update has been submitted for stable by bodhi.

3 months ago

This update has been pushed to stable.

3 months ago
User Icon robatino commented & provided feedback 3 months ago
karma

Not installable:

Skipping packages with conflicts: (add '--best --allowerasing' to command line to force their upgrade): dpdk x86_64 2:19.11.1-2.fc32 updates 4.0 M

User Icon tredaell provided feedback 3 months ago
karma
User Icon robatino commented & provided feedback 3 months ago

This is not installable only because the corresponding required version of openvswitch was never pushed to stable. See https://bugzilla.redhat.com/show_bug.cgi?id=1841411 and FEDORA-2020-add0c5f7c9 . When I install it from https://kojipkgs.fedoraproject.org/packages/openvswitch/2.13.0/1.fc32/data/signed/12c944d0/x86_64/ , then dpdk is installable.


Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
-2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
3 months ago
in testing
3 months ago
in stable
3 months ago
BZ#1837055 CVE-2020-10722 dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() [fedora-all]
0
0
BZ#1837056 CVE-2020-10723 dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() [fedora-all]
0
0
BZ#1837057 CVE-2020-10724 dpdk: librte_vhost Missing inputs validation in Vhost-crypto [fedora-all]
0
0
BZ#1837059 CVE-2020-10725 dpdk: librte_vhost Malicious guest could cause segfault by sending invalid Virtio descriptor [fedora-all]
0
0
BZ#1837060 CVE-2020-10726 dpdk: librte_vhost VHOST_USER_GET_INFLIGHT_FD message flooding to result in a DoS [fedora-all]
0
0

Automated Test Results