Recommended update for openvswitch

Announcement ID: SUSE-RU-2019:0525-1
Rating: moderate
References:
Affected Products:
  • SUSE Enterprise Storage 4
  • SUSE Linux Enterprise High Performance Computing 12 SP2
  • SUSE Linux Enterprise High Performance Computing 12 SP3
  • SUSE Linux Enterprise High Performance Computing 12 SP4
  • SUSE Linux Enterprise High Performance Computing 12 SP5
  • SUSE Linux Enterprise Point of Service Image Server 12 12-SP2
  • SUSE Linux Enterprise Server 12 SP2
  • SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2
  • SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2
  • SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2
  • SUSE Linux Enterprise Server 12 SP3
  • SUSE Linux Enterprise Server 12 SP4
  • SUSE Linux Enterprise Server 12 SP5
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5
  • SUSE OpenStack Cloud 7

An update that has two fixes can now be installed.

Description:

This update for openvswitch fixes the following issues:

openvswitch was updated to the new upstream bugfix release 2.5.6 (bsc#1112697).

Some of the changes are

  • odp-execute: Fix broken build with Clang as compiler.
  • netdev: Properly clear 'details' when iterating in NETDEV_QOS_FOR_EACH.
  • lex: Fix buffer overrun parsing overlong hexadecimal constants.
  • ovsdb-client: Fix a bug that uses wrong index
  • flow: Fix uninitialized flow fields in IPv6 error case.
  • meta-flow: Make "nw_frag" a synonym for "ip_frag".
  • odp-util: Don't attempt to write IPv6 flow label bits that don't exist.
  • daemon-unix: Use same name for original or restarted children.
  • utilities: Drop shebang from bash completion script
  • netdev-linux: Avoid division by 0 if kernel reports bad scheduler data.
  • pcap-file: Fix formatting of log message.
  • compat: Initialize IPv4 reassembly secret timer
  • ofp-group: Don't assert-fail decoding bad OF1.5 group mod type or command.
  • ofp-actions: Fix buffer overread in decode_LEARN_specs().
  • ofp-actions: Avoid buffer overread in BUNDLE action decoding.
  • rconn: Suppress 'connected' log for unreliable connections.
  • rconn: Introduce new invariant to fix assertion failure in corner case.
  • ovs-vsctl: Fix segfault when attempting to del-port from parent bridge.
  • ovn: Fix tunnel id overflow.
  • bond: Fix bug that writes to freed memory
  • netdev: netdev_get_etheraddr is not functioning as advertised.
  • ofp-util: Fix memory leaks on error cases in ofputil_decode_group_mod().
  • odp-util: Fix buffer overread in parsing string form of ODP flows.
  • ofp-util: Fix buffer overread in ofputil_decode_bundle_add().
  • ofp-util: Fix buffer overread in ofputil_pull_queue_get_config_reply().
  • ofproto-dpif-xlate: Always process IGMP packets in userspace.
  • ofp-util: Fix memory leaks when parsing OF1.5 group properties.
  • ofproto-dpif-upcall: Fix key attr iteration.
  • ofproto-dpif-upcall: Fix action attr iteration.
  • bridge: Avoid read of uninitialized data configuring Auto-Attach.
  • lacp: enable bond slave immediately after lacp attach
  • ofproto-dpif-xlate: Fixes for propagating state of conntrack.
  • ovsdb-types: Fix memory leak on error path.
  • ofp-util: fix memory leak in ofputil_pull_ofp11_buckets
  • ofp-util: Check length of buckets in ofputil_pull_ofp15_group_mod().
  • ofp-print: Don't abort on unknown reason in role status message.
  • odp-util: Avoid misaligned references to ip6_hdr.
  • ofp-util: Initialize tunnel metadata for OpenFlow 1.0 matches.
  • extract-ofp-errors: Avoid unintentional sign extension in generated code.
  • flow: Fix buffer overread in flow_hash_symmetric_l3l4().
  • ofp-print: Avoid array overread in print_table_instruction_features().
  • dpif-netlink: Fix multiple-free and fd leak on error path.
  • bridge: Fix memory leak in bridge_aa_update_trunks().
  • ofproto-dpif-xlate: Fix the memory leak in netflow.
  • rstp/stp: Unref the rstp/stp when bridges destroyed.
  • ofproto-dpif-xlate: Allow sending BFD messages when STP port is not forwarding.
  • pinsched: Update next_txq pointer when destroying pinqueue.
  • ofproto/bond: fix interal flow leak of tcp-balance bond
  • ofproto/bond: Fix bond post recirc rule leak.
  • ofproto/bond: Fix bond reconfiguration race condition.
  • ofproto/bond: Fix bond/show when all interfaces are disabled
  • ofproto/bond: Validate active-slave mac.
  • tnl-neigh-cache: Force revalidation for a new neighbor entry.
  • ofproto-dpif: Use acquire/release barriers with 'tables_version'.
  • dpif-netdev: Avoids repeated addition of DP_STAT_LOST.
  • rconn: Avoid abort for ill-behaved remote.
  • ofproto-dpif-ipfix: Fix assertion failure for bad configuration.
  • netdev-dpdk: Use instant sending instead of queueing of packets.
  • ovs-vswitchd: Avoid segfault for "netdev" datapath.
  • ofproto: Incorrect statistics will be increased
  • tunnel: set udp dst-port in tunnel metadata
  • ofproto-dpif: Always forward 'used' from the old_rule.
  • ofproto-dpif-xlate: Fix duplicate multicast packets
  • ofproto: Return the OFPC_BUNDLES bit in switch features reply.
  • tnl-ports: fix missing netdev_close
  • stream-ssl: Fix memory leak on error path.
  • dpif-netdev: Fix crash in dpif_netdev_execute().
  • netdev-linux: double tagged packets should use 0x88a8

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE OpenStack Cloud 7
    zypper in -t patch SUSE-OpenStack-Cloud-7-2019-525=1
  • SUSE Linux Enterprise Point of Service Image Server 12 12-SP2
    zypper in -t patch SUSE-SLE-POS-12-SP2-CLIENT-2019-525=1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2
    zypper in -t patch SUSE-SLE-SAP-12-SP2-2019-525=1
  • SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2019-525=1
  • SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-ESPOS-2019-525=1
  • SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-2019-525=1
  • SUSE Enterprise Storage 4
    zypper in -t patch SUSE-Storage-4-2019-525=1

Package List:

  • SUSE OpenStack Cloud 7 (x86_64)
    • openvswitch-dpdk-2.5.6-25.15.9
    • openvswitch-debugsource-2.5.6-25.15.9
    • openvswitch-dpdk-switch-2.5.6-25.15.9
    • openvswitch-switch-debuginfo-2.5.6-25.15.9
    • openvswitch-2.5.6-25.15.9
    • openvswitch-dpdk-debugsource-2.5.6-25.15.9
    • openvswitch-debuginfo-2.5.6-25.15.9
    • openvswitch-switch-2.5.6-25.15.9
    • openvswitch-dpdk-debuginfo-2.5.6-25.15.9
    • openvswitch-dpdk-switch-debuginfo-2.5.6-25.15.9
  • SUSE Linux Enterprise Point of Service Image Server 12 12-SP2 (x86_64)
    • openvswitch-dpdk-2.5.6-25.15.9
    • openvswitch-debugsource-2.5.6-25.15.9
    • openvswitch-dpdk-switch-2.5.6-25.15.9
    • openvswitch-switch-debuginfo-2.5.6-25.15.9
    • openvswitch-2.5.6-25.15.9
    • openvswitch-dpdk-debugsource-2.5.6-25.15.9
    • openvswitch-debuginfo-2.5.6-25.15.9
    • openvswitch-switch-2.5.6-25.15.9
    • openvswitch-dpdk-debuginfo-2.5.6-25.15.9
    • openvswitch-dpdk-switch-debuginfo-2.5.6-25.15.9
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 (ppc64le x86_64)
    • openvswitch-debugsource-2.5.6-25.15.9
    • openvswitch-switch-debuginfo-2.5.6-25.15.9
    • openvswitch-2.5.6-25.15.9
    • openvswitch-debuginfo-2.5.6-25.15.9
    • openvswitch-switch-2.5.6-25.15.9
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 (x86_64)
    • openvswitch-dpdk-2.5.6-25.15.9
    • openvswitch-dpdk-switch-2.5.6-25.15.9
    • openvswitch-dpdk-debugsource-2.5.6-25.15.9
    • openvswitch-dpdk-debuginfo-2.5.6-25.15.9
    • openvswitch-dpdk-switch-debuginfo-2.5.6-25.15.9
  • SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (x86_64)
    • openvswitch-dpdk-2.5.6-25.15.9
    • openvswitch-debugsource-2.5.6-25.15.9
    • openvswitch-dpdk-switch-2.5.6-25.15.9
    • openvswitch-switch-debuginfo-2.5.6-25.15.9
    • openvswitch-2.5.6-25.15.9
    • openvswitch-dpdk-debugsource-2.5.6-25.15.9
    • openvswitch-debuginfo-2.5.6-25.15.9
    • openvswitch-switch-2.5.6-25.15.9
    • openvswitch-dpdk-debuginfo-2.5.6-25.15.9
    • openvswitch-dpdk-switch-debuginfo-2.5.6-25.15.9
  • SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2 (x86_64)
    • openvswitch-dpdk-2.5.6-25.15.9
    • openvswitch-debugsource-2.5.6-25.15.9
    • openvswitch-dpdk-switch-2.5.6-25.15.9
    • openvswitch-switch-debuginfo-2.5.6-25.15.9
    • openvswitch-2.5.6-25.15.9
    • openvswitch-dpdk-debugsource-2.5.6-25.15.9
    • openvswitch-debuginfo-2.5.6-25.15.9
    • openvswitch-switch-2.5.6-25.15.9
    • openvswitch-dpdk-debuginfo-2.5.6-25.15.9
    • openvswitch-dpdk-switch-debuginfo-2.5.6-25.15.9
  • SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 (ppc64le s390x x86_64)
    • openvswitch-debugsource-2.5.6-25.15.9
    • openvswitch-switch-debuginfo-2.5.6-25.15.9
    • openvswitch-2.5.6-25.15.9
    • openvswitch-debuginfo-2.5.6-25.15.9
    • openvswitch-switch-2.5.6-25.15.9
  • SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 (x86_64)
    • openvswitch-dpdk-2.5.6-25.15.9
    • openvswitch-dpdk-switch-2.5.6-25.15.9
    • openvswitch-dpdk-debugsource-2.5.6-25.15.9
    • openvswitch-dpdk-debuginfo-2.5.6-25.15.9
    • openvswitch-dpdk-switch-debuginfo-2.5.6-25.15.9
  • SUSE Enterprise Storage 4 (x86_64)
    • openvswitch-dpdk-2.5.6-25.15.9
    • openvswitch-debugsource-2.5.6-25.15.9
    • openvswitch-dpdk-switch-2.5.6-25.15.9
    • openvswitch-switch-debuginfo-2.5.6-25.15.9
    • openvswitch-2.5.6-25.15.9
    • openvswitch-dpdk-debugsource-2.5.6-25.15.9
    • openvswitch-debuginfo-2.5.6-25.15.9
    • openvswitch-switch-2.5.6-25.15.9
    • openvswitch-dpdk-debuginfo-2.5.6-25.15.9
    • openvswitch-dpdk-switch-debuginfo-2.5.6-25.15.9

References: