[Pkg-dpdk-devel] Bug#971277: buster-pu: package dpdk/18.11.10-1~deb10u1

[Luca Boccassi]

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org at packages.debian.org
Usertags: pu
X-Debbugs-CC: pkg-dpdk-devel at lists.alioth.debian.org

Dear release team,

We would like to upload a new LTS release version of DPDK to Buster.
We have already done this previously, and it was approved, for 18.11.2-
2+deb10u1, 18.11.5-1~deb10u1 and 18.11.8-1~deb10u1, therefore I already
proceeded to upload to buster-pu in accordance with the new workflow.

As before, the LTS point release has only bug fixes and no API changes
and has been tested with regression tests.

The following CVEs are being fixed:

- Remote Code Execution in vhost_crypto (VM Escape) (CVE-2020-14374)
- Time-of-check time-of-use vulnerabilities throughout (CVE-2020-14375)
- Buffer overflow copying iv_data from guest to host (CVE-2020-14376)
- write_back_data buffer over read (CVE-2020-14377)
- Partial Denial of Service due to Integer Underflow (CVE-2020-14378)

The source debdiff is attached.

(trying again, Evolution ate all my newlines in 971268)

-- 
Kind regards,
Luca Boccassi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 18.11.10.debdiff
Type: text/x-patch
Size: 515025 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-dpdk-devel/attachments/20200928/36ed750a/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <http://alioth-lists.debian.net/pipermail/pkg-dpdk-devel/attachments/20200928/36ed750a/attachment-0001.sig>