Security update for openvswitch
| Announcement ID: | SUSE-SU-2026:1306-1 |
|---|---|
| Release Date: | 2026-04-13T20:02:56Z |
| Rating: | moderate |
| References: | |
| Cross-References: | |
| CVSS scores: |
|
| Affected Products: |
|
An update that solves one vulnerability can now be installed.
Description:
This update for openvswitch fixes the following issues:
- CVE-2026-34956: invalid memory access via crafted FTP payloads in userspace conntrack flows specifying the FTP alg handler (bsc#1261273).
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.6
zypper in -t patch SUSE-2026-1306=1
Package List:
-
openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
- ovn-debuginfo-23.03.3-150600.33.12.1
- ovn-vtep-debuginfo-23.03.3-150600.33.12.1
- libovn-23_03-0-debuginfo-23.03.3-150600.33.12.1
- openvswitch-test-debuginfo-3.1.7-150600.33.12.1
- openvswitch-devel-3.1.7-150600.33.12.1
- openvswitch-debugsource-3.1.7-150600.33.12.1
- openvswitch-vtep-debuginfo-3.1.7-150600.33.12.1
- openvswitch-vtep-3.1.7-150600.33.12.1
- libopenvswitch-3_1-0-3.1.7-150600.33.12.1
- libovn-23_03-0-23.03.3-150600.33.12.1
- ovn-devel-23.03.3-150600.33.12.1
- python3-ovs-3.1.7-150600.33.12.1
- ovn-central-debuginfo-23.03.3-150600.33.12.1
- ovn-23.03.3-150600.33.12.1
- openvswitch-ipsec-3.1.7-150600.33.12.1
- openvswitch-test-3.1.7-150600.33.12.1
- ovn-central-23.03.3-150600.33.12.1
- openvswitch-pki-3.1.7-150600.33.12.1
- openvswitch-3.1.7-150600.33.12.1
- ovn-host-debuginfo-23.03.3-150600.33.12.1
- libopenvswitch-3_1-0-debuginfo-3.1.7-150600.33.12.1
- openvswitch-debuginfo-3.1.7-150600.33.12.1
- ovn-host-23.03.3-150600.33.12.1
- ovn-vtep-23.03.3-150600.33.12.1
- ovn-docker-23.03.3-150600.33.12.1
-
openSUSE Leap 15.6 (noarch)
- openvswitch-doc-3.1.7-150600.33.12.1
- ovn-doc-23.03.3-150600.33.12.1