Security Updates (DSA-3533-1 & DSA-3540-1)

The security updates of openvswitch and lhasa.   Vulnerability Overview DSA-3533-1 openvswitch— Security Update Security database information: CVE-2016-2074: A remotely triggerable buffer overflow vulnerability was discovered in openvswitch, a production quality, multilayer virtual switch implementation. Specially crafted MPLS packets could overflow the buffer reserved for MPLS labels in an OVS internal data structure. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially, execution of arbitrary code.   DSA-3540-1 lhasa— Security Update Security database information: CVE-2016-2347: An integer underflow was discovered in Lhasa, a lzh archive decompressor, which might result in the execution ...Read more