Hi, On Sun, Aug 13, 2023 at 02:12:34PM +0200, Salvatore Bonaccorso wrote: > Source: ovn > Version: 23.03.0-1 > Severity: important > Tags: security upstream > Forwarded: https://github.com/ovn-org/ovn/issues/198 > X-Debbugs-Cc: car...@debian.org, Debian Security Team > <t...@security.debian.org> > > Hi, > > The following vulnerability was published for ovn. > > CVE-2023-3153[0]: > | service monitor MAC flow is not rate limited > > upstream is notified about [1] but is not giving more details at time > of writing.
The advisory and the patch is now public: https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html Regards, Salvatore
