From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 9086BA0093; Mon, 18 May 2020 16:51:09 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 865031D446; Mon, 18 May 2020 16:50:58 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id CCBCE1D40E; Mon, 18 May 2020 16:50:57 +0200 (CEST) Received: from mail-wm1-f68.google.com (mail-wm1-f68.google.com [209.85.128.68]) by dpdk.org (Postfix) with ESMTP id 162A11D40D for ; Mon, 18 May 2020 16:50:56 +0200 (CEST) Received: by mail-wm1-f68.google.com with SMTP id n18so6542455wmj.5 for ; Mon, 18 May 2020 07:50:56 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:subject:from:to:date :content-transfer-encoding:user-agent:mime-version; bh=LTcVIZ73P53R9kza5g1+XQeCNOiIWHi+pqD3MqIPJiI=; b=FlEkVU3VsMu2AUTkSMg3FFl3fGeVOVtZ9vWtKltmVADzUVCkAzY38ua/WjzdyP2I/L VoR+MkTL76cqB6U66yerSVe6GDdx8XtaxV6yotTX2yHBRFqiDahJmzLRmQ5uVr9EWhzu 0QFEhfaO0FoNHXksLgANU4ymfR41GzXTdRZi0LCfTtt1RI2KiiRuW+QEqNHvWYxwXx0Q d3CeryO6fFTvB1BWyUIjCNlaSIoBbYHM0LDVTmgkoLS6+OYxi7JRcnjVCAXIOnNhylET JfHqfFX9+RI8YsrULGnx4eUzJJ4iUmAMkSpO3U6xDI7oZYoNQmiN+EDuxhOzVJZPJK7B k/Sw== X-Gm-Message-State: AOAM532j+TLS0r0FZlxRTPM3YwTHynlxckMCBpmzujAaykGHH1hDdeHn cWYYarrvlONUTRfGstm6/AvVpvd7NNu8vw== X-Google-Smtp-Source: ABdhPJzolOBdIO+BlhokYLo0S655dFhgbe/r3foZ51WD8FH85JlmE+Y9NEh4Hh/byYp7HH933mClww== X-Received: by 2002:a1c:b104:: with SMTP id a4mr19364567wmf.24.1589813455515; Mon, 18 May 2020 07:50:55 -0700 (PDT) Received: from localhost ([2a01:4b00:f419:6f00:e2db:6a88:4676:d01b]) by smtp.gmail.com with ESMTPSA id c17sm17095502wrn.59.2020.05.18.07.50.54 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 May 2020 07:50:55 -0700 (PDT) Message-ID: From: Luca Boccassi To: announce@dpdk.org Date: Mon, 18 May 2020 15:50:54 +0100 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.30.5-1.1 MIME-Version: 1.0 X-BeenThere: announce@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list Subject: [dpdk-dev] [dpdk-announce] DPDK 19.11.2 released X-BeenThere: dev@dpdk.org List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Hi all, Here is a new stable release: https://fast.dpdk.org/rel/dpdk-19.11.2.tar.xz The git tree is at: https://dpdk.org/browse/dpdk-stable/?h=3D19.11 This release fixes the following security issues: CVE-2020-10722 CVE-2020-10723 CVE-2020-10724 CVE-2020-10725 CVE-2020-10726 A malicious guess/container can cause resource leak resulting a Denial-of-Service, or memory corruption and crash, or information leak in vhost-user backend application. Thanks to the issue reporters, to the developers for fixing them, and to RedHat and Intel for validating the fixes. Luca Boccassi --- VERSION | 2 +- doc/guides/rel_notes/release_19_11.rst | 63 ++++++++++++++++++++++++++++++++++ lib/librte_vhost/vhost_crypto.c | 17 +++++++++ lib/librte_vhost/vhost_user.c | 30 ++++++++++++---- lib/librte_vhost/virtio_net.c | 4 +++ 5 files changed, 108 insertions(+), 8 deletions(-) Luca Boccassi (1): version: 19.11.2 Marvin Liu (1): vhost: fix translated address not checked Maxime Coquelin (3): vhost: check log mmap offset and size overflow vhost: fix vring index check vhost/crypto: validate keys lengths Xiaolong Ye (1): vhost: fix potential memory space leak Xuan Ding (1): vhost: fix potential fd leak