DPDK patches and discussions
 help / color / mirror / Atom feed
From: Luca Boccassi <bluca@debian.org>
To: announce@dpdk.org
Subject: [dpdk-dev] [dpdk-announce] DPDK 19.11.2 released
Date: Mon, 18 May 2020 15:50:54 +0100	[thread overview]
Message-ID: <ca1fc49b672c3fd47cce7f7307dba6f2e5719536.camel@debian.org> (raw)

Hi all,

Here is a new stable release:
	https://fast.dpdk.org/rel/dpdk-19.11.2.tar.xz

The git tree is at:
	https://dpdk.org/browse/dpdk-stable/?h=19.11

This release fixes the following security issues:

CVE-2020-10722
CVE-2020-10723
CVE-2020-10724
CVE-2020-10725
CVE-2020-10726

A malicious guess/container can cause resource leak resulting a
Denial-of-Service, or memory corruption and crash, or information leak
in vhost-user backend application.

Thanks to the issue reporters, to the developers for fixing them, and
to RedHat and Intel for validating the fixes.

Luca Boccassi

---
 VERSION                                |  2 +-
 doc/guides/rel_notes/release_19_11.rst | 63
++++++++++++++++++++++++++++++++++
 lib/librte_vhost/vhost_crypto.c        | 17 +++++++++
 lib/librte_vhost/vhost_user.c          | 30 ++++++++++++----
 lib/librte_vhost/virtio_net.c          |  4 +++
 5 files changed, 108 insertions(+), 8 deletions(-)
Luca Boccassi (1):
      version: 19.11.2

Marvin Liu (1):
      vhost: fix translated address not checked

Maxime Coquelin (3):
      vhost: check log mmap offset and size overflow
      vhost: fix vring index check
      vhost/crypto: validate keys lengths

Xiaolong Ye (1):
      vhost: fix potential memory space leak

Xuan Ding (1):
      vhost: fix potential fd leak

                 reply	other threads:[~2020-05-18 14:51 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ca1fc49b672c3fd47cce7f7307dba6f2e5719536.camel@debian.org \
    --to=bluca@debian.org \
    --cc=announce@dpdk.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).