From aae33caebc7e21f20229ed91fd378c620438e3dbe257a2cf938ceef6bedde8be Mon Sep 17 00:00:00 2001 From: OBS User mrdocs Date: Fri, 7 Jul 2017 21:20:09 +0000 Subject: [PATCH 1/6] Accepting request 508719 from home:markoschandras:network - Version bump to 2.7.1. Some of the changes are: * Add --cleanup option to command 'ovs-appctl exit' (see ovs-vswitchd(8)). * libopenvswitch-2 was renamed to libopenvswitch-2.7. Applications built against libopenvswitch must be recompiled against the newer library. * ovs-ctl: allow passing user:group to daemons * ofproto/bond: Fix bond reconfiguration race condition * ofproto/bond: Fix bond post recirc rule leak. * ofproto/bond: fix interal flow leak of tcp-balance bond * mcast-snooping: Avoid segfault for vswitchd. * tun-metadata: Fix memory leak in tun_metadata_table_mod(). * netdev-dpdk: Fix mempool segfault. * mirror: Allow concurrent lookups. * ofp-util: Fix buffer overread in ofputil_pull_queue_get_config_reply10() (bsc#1040543) * ovsdb: Check null before deref in ovsdb_monitor_table_condition_update(). * For the complete list of changes, please see: - https://github.com/openvswitch/ovs/compare/v2.7.0...v2.7.1 - Remove upstreamed patch * 0001-ofp-util-Fix-buffer-overread-in-ofputil_pull_queue_g.patch - OVN services are no longer restarted automatically after upgrade (44dd4cc49c8a) OBS-URL: https://build.opensuse.org/request/show/508719 OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=116 --- ...fer-overread-in-ofputil_pull_queue_g.patch | 33 ------------------- openvswitch-2.7.0.tar.gz | 3 -- openvswitch-2.7.1.tar.gz | 3 ++ openvswitch.changes | 23 +++++++++++++ openvswitch.spec | 28 +++++++++------- 5 files changed, 42 insertions(+), 48 deletions(-) delete mode 100644 0001-ofp-util-Fix-buffer-overread-in-ofputil_pull_queue_g.patch delete mode 100644 openvswitch-2.7.0.tar.gz create mode 100644 openvswitch-2.7.1.tar.gz diff --git a/0001-ofp-util-Fix-buffer-overread-in-ofputil_pull_queue_g.patch b/0001-ofp-util-Fix-buffer-overread-in-ofputil_pull_queue_g.patch deleted file mode 100644 index a8bdb38..0000000 --- a/0001-ofp-util-Fix-buffer-overread-in-ofputil_pull_queue_g.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 7b7b186a8d40fc6f287cef2582702181da74bdc3 Mon Sep 17 00:00:00 2001 -From: Ben Pfaff -Date: Sat, 20 May 2017 16:38:24 -0700 -Subject: [PATCH] ofp-util: Fix buffer overread in - ofputil_pull_queue_get_config_reply10(). - -msg->size isn't the relevant measurement here because we're only supposed -to read 'len' bytes. Reading more than that causes 'len' to underflow to a -large number at the end of the loop. - -Reported-by: Bhargava Shastry -Signed-off-by: Ben Pfaff -Acked-by: Greg Rose ---- - lib/ofp-util.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/lib/ofp-util.c b/lib/ofp-util.c -index db27abf8b..a6dd5dbdd 100644 ---- a/lib/ofp-util.c -+++ b/lib/ofp-util.c -@@ -2598,7 +2598,7 @@ ofputil_pull_queue_get_config_reply10(struct ofpbuf *msg, - - hdr = ofpbuf_at_assert(msg, 0, sizeof *hdr); - prop_len = ntohs(hdr->len); -- if (prop_len < sizeof *hdr || prop_len > msg->size || prop_len % 8) { -+ if (prop_len < sizeof *hdr || prop_len > len || prop_len % 8) { - return OFPERR_OFPBRC_BAD_LEN; - } - --- -2.12.2 - diff --git a/openvswitch-2.7.0.tar.gz b/openvswitch-2.7.0.tar.gz deleted file mode 100644 index 2bfddf1..0000000 --- a/openvswitch-2.7.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e492cf08a929b4a2178b7f9b01dc4ff562f44138b547b4e942078187b2445d2e -size 6149523 diff --git a/openvswitch-2.7.1.tar.gz b/openvswitch-2.7.1.tar.gz new file mode 100644 index 0000000..30ba989 --- /dev/null +++ b/openvswitch-2.7.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b0458cb2a7206f8e5802a524297c9f0569c01ae4bf91037a4dff37dcd0e2a84a +size 6186107 diff --git a/openvswitch.changes b/openvswitch.changes index 55f54c9..b0b1995 100644 --- a/openvswitch.changes +++ b/openvswitch.changes @@ -1,3 +1,26 @@ +------------------------------------------------------------------- +Thu Jul 6 07:59:30 UTC 2017 - mchandras@suse.de + +- Version bump to 2.7.1. Some of the changes are: + * Add --cleanup option to command 'ovs-appctl exit' (see ovs-vswitchd(8)). + * libopenvswitch-2 was renamed to libopenvswitch-2.7. Applications built + against libopenvswitch must be recompiled against the newer library. + * ovs-ctl: allow passing user:group to daemons + * ofproto/bond: Fix bond reconfiguration race condition + * ofproto/bond: Fix bond post recirc rule leak. + * ofproto/bond: fix interal flow leak of tcp-balance bond + * mcast-snooping: Avoid segfault for vswitchd. + * tun-metadata: Fix memory leak in tun_metadata_table_mod(). + * netdev-dpdk: Fix mempool segfault. + * mirror: Allow concurrent lookups. + * ofp-util: Fix buffer overread in ofputil_pull_queue_get_config_reply10() (bsc#1040543) + * ovsdb: Check null before deref in ovsdb_monitor_table_condition_update(). + * For the complete list of changes, please see: + - https://github.com/openvswitch/ovs/compare/v2.7.0...v2.7.1 +- Remove upstreamed patch + * 0001-ofp-util-Fix-buffer-overread-in-ofputil_pull_queue_g.patch +- OVN services are no longer restarted automatically after upgrade (44dd4cc49c8a) + ------------------------------------------------------------------- Sat May 27 08:39:25 UTC 2017 - mchandras@suse.de diff --git a/openvswitch.spec b/openvswitch.spec index 182c146..2769dad 100644 --- a/openvswitch.spec +++ b/openvswitch.spec @@ -30,7 +30,7 @@ # but keep it here as an option %bcond_with check Name: openvswitch -Version: 2.7.0 +Version: 2.7.1 Release: 0 Summary: An open source, production quality, multilayer virtual switch # All code is Apache-2.0 except @@ -42,10 +42,6 @@ Url: http://openvswitch.org/ Source0: http://openvswitch.org/releases/openvswitch-%{version}.tar.gz Source1: preamble Source89: Module.supported.updates -# PATCh-FIX-UPSTREAM 0001-ofp-util-Fix-buffer-overread-in-ofputil_pull_queue_g.patch -# Upstream fix (present in 2.7 branch) to fix CVE-2017-9214 -# See https://nvd.nist.gov/vuln/detail/CVE-2017-9214 -Patch1: 0001-ofp-util-Fix-buffer-overread-in-ofputil_pull_queue_g.patch Patch99: 0001-utilities-Add-script-to-support-DPDK-option-migratio.patch BuildRequires: autoconf BuildRequires: automake @@ -278,7 +274,6 @@ Open vSwitch is a full-featured software-based Ethernet switch. %prep %setup -q -n openvswitch-%{version} -%patch1 -p1 %patch99 -p1 %build @@ -477,12 +472,21 @@ export DISABLE_RESTART_ON_UPDATE=yes %service_del_preun ovn-controller-vtep.service %postun ovn-central +# 44dd4cc49c8a4f9413baa822f111686fd8964160 ("fedora: do not restart ovn svcs +# automatically on pkg upgrade") +export DISABLE_RESTART_ON_UPDATE=yes %service_del_postun ovn-northd.service %postun ovn-host +# 44dd4cc49c8a4f9413baa822f111686fd8964160 ("fedora: do not restart ovn svcs +# automatically on pkg upgrade") +export DISABLE_RESTART_ON_UPDATE=yes %service_del_postun ovn-controller.service %postun ovn-vtep +# 44dd4cc49c8a4f9413baa822f111686fd8964160 ("fedora: do not restart ovn svcs +# automatically on pkg upgrade") +export DISABLE_RESTART_ON_UPDATE=yes %service_del_postun ovn-controller-vtep.service %preun test @@ -526,10 +530,10 @@ export DISABLE_RESTART_ON_UPDATE=yes %{_datadir}/openvswitch/scripts/ovs-save %{_datadir}/openvswitch/scripts/ovs-dpdk-migrate-2.6.sh %{_datadir}/openvswitch/vswitch.ovsschema -%{_libdir}/libofproto-2.so.* -%{_libdir}/libopenvswitch-2.so.* -%{_libdir}/libovsdb-2.so.* -%{_libdir}/libsflow-2.so.* +%{_libdir}/libofproto-2*.so.* +%{_libdir}/libopenvswitch-2*.so.* +%{_libdir}/libovsdb-2*.so.* +%{_libdir}/libsflow-2*.so.* %{_mandir}/man1/ovsdb-client.1%{ext_man} %{_mandir}/man1/ovsdb-server.1%{ext_man} %{_mandir}/man1/ovsdb-tool.1%{ext_man} @@ -572,7 +576,7 @@ export DISABLE_RESTART_ON_UPDATE=yes %{_mandir}/man8/vtep-ctl.8%{ext_man} %{_datadir}/openvswitch/scripts/ovs-vtep %{_datadir}/openvswitch/vtep.ovsschema -%{_libdir}/libvtep-2.so.* +%{_libdir}/libvtep-2*.so.* %files -n python-openvswitch %defattr(-,root,root) @@ -597,7 +601,7 @@ export DISABLE_RESTART_ON_UPDATE=yes %{_datadir}/openvswitch/scripts/ovn-bugtool-nbctl-show %{_datadir}/openvswitch/scripts/ovn-bugtool-sbctl-lflow-list %{_datadir}/openvswitch/scripts/ovn-bugtool-sbctl-show -%{_libdir}/libovn-2.so.* +%{_libdir}/libovn-2*.so.* %{_mandir}/man5/ovn-nb.5%{ext_man} %{_mandir}/man5/ovn-sb.5%{ext_man} %{_mandir}/man7/ovn-architecture.7%{ext_man} From dd4d5b470e6cf58cfc27b08b97cb8b87a6e9a37453f7883f93525ac83687cae8 Mon Sep 17 00:00:00 2001 From: OBS User mrdocs Date: Sun, 9 Jul 2017 18:23:59 +0000 Subject: [PATCH 2/6] Accepting request 508974 from home:jengelh:branches:network - Implement shared library packaging guideline. OBS-URL: https://build.opensuse.org/request/show/508974 OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=117 --- openvswitch.changes | 8 +++++ openvswitch.spec | 72 ++++++++++++++++++++++++++------------------- 2 files changed, 50 insertions(+), 30 deletions(-) diff --git a/openvswitch.changes b/openvswitch.changes index b0b1995..2952887 100644 --- a/openvswitch.changes +++ b/openvswitch.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Sat Jul 8 20:42:27 UTC 2017 - jengelh@inai.de + +- Remove irrelevant wording from summaries/description. + Diversify summaries. +- Get rid of an empty if block by inverting the condition. +- Implement shared library packaging guideline. + ------------------------------------------------------------------- Thu Jul 6 07:59:30 UTC 2017 - mchandras@suse.de diff --git a/openvswitch.spec b/openvswitch.spec index 2769dad..cb30ed9 100644 --- a/openvswitch.spec +++ b/openvswitch.spec @@ -29,10 +29,12 @@ # The testsuite is somewhat fragile for continuous testing in OBS # but keep it here as an option %bcond_with check +%define lname libopenvswitch-2_7-1 + Name: openvswitch Version: 2.7.1 Release: 0 -Summary: An open source, production quality, multilayer virtual switch +Summary: A multilayer virtual network switch # All code is Apache-2.0 except # - lib/sflow* which is SISSL # - utilities/bugtool which is LGPL-2.1 @@ -96,12 +98,12 @@ BuildRequires: libpcap-devel %endif %description -Open vSwitch is a production quality, multilayer virtual switch licensed under -the open source Apache 2.0 license. It is designed to enable massive network automation -through programmatic extension, while still supporting standard management interfaces -and protocols (e.g. NetFlow, sFlow, RSPAN, ERSPAN, CLI, LACP, 802.1ag). In addition, -it is designed to support distribution across multiple physical servers similar to -VMware’s vNetwork distributed vswitch or Cisco’s Nexus 1000V. +Open vSwitch is a multilayer virtual network Ethernet switch. It is +enables network automation through programmatic extension, and +supports standard management interfaces and protocols (e.g. NetFlow, +sFlow, RSPAN, ERSPAN, CLI, LACP, 802.1ag). In addition, it supports +distribution across multiple physical servers similar to VMware’s +vNetwork distributed vswitch or Cisco’s Nexus 1000V. %if %{with kmp} %package kmp @@ -115,11 +117,19 @@ BuildRequires: %{kernel_module_package_buildreqs} Kernel modules supporting the openvswitch datapath. %endif +%package -n %{lname} +Summary: Open vSwitch core libraries +License: Apache-2.0 +Group: System/Libraries + +%description -n %{lname} +Contains the shared libraries used by Open vSwitch and any eventual extensions. + %package devel -Summary: Open vSwitch Devel Libraries +Summary: Development files for Open vSwitch License: Apache-2.0 Group: Development/Libraries/C and C++ -Requires: %{name} = %{version} +Requires: %{lname} = %{version} Provides: %{name}-dpdk-devel = %{version} Obsoletes: %{name}-dpdk-devel < %{version} @@ -127,7 +137,7 @@ Obsoletes: %{name}-dpdk-devel < %{version} Devel libraries and headers for Open vSwitch. %package ovn-central -Summary: Open vSwitch - Open Virtual Network support +Summary: Open Virtual Network support for Open vSwitch License: Apache-2.0 Group: Productivity/Networking/System Requires: %{name} = %{version} @@ -143,7 +153,7 @@ native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups. %package ovn-host -Summary: Open vSwitch - Open Virtual Network support +Summary: Open Virtual Network support for Open vSwitch License: Apache-2.0 Group: Productivity/Networking/System Requires: %{name} = %{version} @@ -153,13 +163,10 @@ Provides: %{name}-dpdk-ovn:%{_bindir}/ovn-controller Provides: %{name}-ovn:%{_bindir}/ovn-controller %description ovn-host -OVN, the Open Virtual Network, is a system to support virtual network -abstraction. OVN complements the existing capabilities of OVS to add -native support for virtual network abstractions, such as virtual L2 and L3 -overlays and security groups. +This subpackage contains the OVN host controller. %package ovn-vtep -Summary: Open vSwitch - Open Virtual Network support +Summary: Open Virtual Network VTEP controller for Open vSwitch License: Apache-2.0 Group: Productivity/Networking/System Requires: %{name} = %{version} @@ -169,10 +176,10 @@ Provides: %{name}-dpdk-ovn:%{_bindir}/ovn-controller-vtep Provides: %{name}-ovn:%{_bindir}/ovn-controller-vtep %description ovn-vtep -OVN vtep controller +This subpackage contains the OVN VTEP (VXLAN Tunnel Endpoint) controller. %package ovn-common -Summary: Open vSwitch - Open Virtual Network support +Summary: Open Virtual Network diagnostic utilities License: Apache-2.0 Group: Productivity/Networking/System Requires: %{name} = %{version} @@ -186,7 +193,7 @@ Obsoletes: %{name}-ovn < %{version} Utilities that are used to diagnose and manage the OVN components. %package ovn-docker -Summary: Open vSwitch - Open Virtual Network support +Summary: Docker network plugins for OVN License: Apache-2.0 Group: Productivity/Networking/System Requires: %{name} = %{version} @@ -240,7 +247,7 @@ Requires: python Requires: python-six %description -n python-openvswitch -This package contains the full Python bindings for Open vSwitch database. +This package contains the Python bindings for Open vSwitch database. %package -n python-openvswitch-test Summary: Python bindings for Open vSwitch @@ -252,7 +259,7 @@ Requires: python-openvswitch = %{version} Requires: python-twisted %description -n python-openvswitch-test -This package contains the full Python bindings for Open vSwitch database. +This package contains the Python bindings for Open vSwitch database. %package test Summary: Open vSwitch test package @@ -267,11 +274,11 @@ Provides: %{name}-dpdk-test = %{version} Obsoletes: %{name}-dpdk-test < %{version} %description test +Open vSwitch is a software-based Ethernet switch. + This package contains utilities that are useful to diagnose performance and connectivity issues in Open vSwitch setup. -Open vSwitch is a full-featured software-based Ethernet switch. - %prep %setup -q -n openvswitch-%{version} %patch99 -p1 @@ -325,9 +332,8 @@ pushd source # Recheck tests before we declare them broken. If that fails, dump # the log and exit. >2.5.0 uses the RECHECK env variable so this # needs to be taken into consideration for future releases. -if make check TESTSUITEFLAGS="%{?_smp_mflags}" || - make check TESTSUITEFLAGS='--recheck'; then :; -else +if ! make check TESTSUITEFLAGS="%{?_smp_mflags}" && + ! make check TESTSUITEFLAGS='--recheck'; then cat tests/testsuite.log exit 1 fi @@ -444,6 +450,9 @@ export DISABLE_RESTART_ON_UPDATE=yes %service_del_preun ovs-vswitchd.service %service_del_preun openvswitch.service +%post -n %{lname} -p /sbin/ldconfig +%postun -n %{lname} -p /sbin/ldconfig + %pre ovn-central %service_add_pre ovn-northd.service @@ -530,10 +539,6 @@ export DISABLE_RESTART_ON_UPDATE=yes %{_datadir}/openvswitch/scripts/ovs-save %{_datadir}/openvswitch/scripts/ovs-dpdk-migrate-2.6.sh %{_datadir}/openvswitch/vswitch.ovsschema -%{_libdir}/libofproto-2*.so.* -%{_libdir}/libopenvswitch-2*.so.* -%{_libdir}/libovsdb-2*.so.* -%{_libdir}/libsflow-2*.so.* %{_mandir}/man1/ovsdb-client.1%{ext_man} %{_mandir}/man1/ovsdb-server.1%{ext_man} %{_mandir}/man1/ovsdb-tool.1%{ext_man} @@ -564,6 +569,13 @@ export DISABLE_RESTART_ON_UPDATE=yes %{_localstatedir}/adm/fillup-templates/sysconfig.openvswitch %dir %{_localstatedir}/log/openvswitch +%files -n %{lname} +%defattr(-,root,root) +%{_libdir}/libofproto-2*.so.* +%{_libdir}/libopenvswitch-2*.so.* +%{_libdir}/libovsdb-2*.so.* +%{_libdir}/libsflow-2*.so.* + %files pki %defattr(-,root,root) %{_mandir}/man8/ovs-pki.8%{ext_man} From 9998ddd0de7a80c411f618c7034375d60a9400c962f91ee9795d6449ac200f11 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Wed, 12 Jul 2017 09:19:27 +0000 Subject: [PATCH 3/6] Accepting request 509657 from home:markoschandras:network Addressing comment from https://build.opensuse.org/request/show/509036 No need for a new changes entry OBS-URL: https://build.opensuse.org/request/show/509657 OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=118 --- openvswitch.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvswitch.spec b/openvswitch.spec index cb30ed9..92b22c0 100644 --- a/openvswitch.spec +++ b/openvswitch.spec @@ -575,6 +575,7 @@ export DISABLE_RESTART_ON_UPDATE=yes %{_libdir}/libopenvswitch-2*.so.* %{_libdir}/libovsdb-2*.so.* %{_libdir}/libsflow-2*.so.* +%{_libdir}/libovn-2*.so.* %files pki %defattr(-,root,root) @@ -613,7 +614,6 @@ export DISABLE_RESTART_ON_UPDATE=yes %{_datadir}/openvswitch/scripts/ovn-bugtool-nbctl-show %{_datadir}/openvswitch/scripts/ovn-bugtool-sbctl-lflow-list %{_datadir}/openvswitch/scripts/ovn-bugtool-sbctl-show -%{_libdir}/libovn-2*.so.* %{_mandir}/man5/ovn-nb.5%{ext_man} %{_mandir}/man5/ovn-sb.5%{ext_man} %{_mandir}/man7/ovn-architecture.7%{ext_man} From 30ffff0d6e69d465112ca406f501480f7c5332f4ea268471bc7d790a9066da2b Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Wed, 19 Jul 2017 12:07:26 +0000 Subject: [PATCH 4/6] Accepting request 511377 from home:markoschandras:network - Version bump to 2.7.2. Some of the changes are: * Revert "netdev: Fix netdev_open() to adhere to class type if given" * connmgr: Fix crash when in_band_create() fails. * db-ctl-base: Fix reference-following feature in get_row_by_id(). * netdev: Fix crash when ifa_netmask is null. * ovn-controller: fix use-after-free in physical_run() * ovn-controller: avoid crash when vswitchd connection is lost * ovsdb-types: Fix memory leak on error path. * vswitchd: Fix IFACE_STAT name error in iface_refresh_stats * netdev: Fix crash when interface option is changed to invalid value. * ofp-util: fix memory leak in ofputil_pull_ofp11_buckets * configure: Fix check for rte_config.h to handle cross-compilation. * ofp-util: Check length of buckets in ofputil_pull_ofp15_group_mod() (cve-2017-9265) (bsc#1041447) * ofp-print: Don't abort on unknown reason in role status message (cve-2017-9263) (bsc#1041470) OBS-URL: https://build.opensuse.org/request/show/511377 OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=119 --- openvswitch-2.7.1.tar.gz | 3 --- openvswitch-2.7.2.tar.gz | 3 +++ openvswitch.changes | 18 ++++++++++++++++++ openvswitch.spec | 2 +- 4 files changed, 22 insertions(+), 4 deletions(-) delete mode 100644 openvswitch-2.7.1.tar.gz create mode 100644 openvswitch-2.7.2.tar.gz diff --git a/openvswitch-2.7.1.tar.gz b/openvswitch-2.7.1.tar.gz deleted file mode 100644 index 30ba989..0000000 --- a/openvswitch-2.7.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b0458cb2a7206f8e5802a524297c9f0569c01ae4bf91037a4dff37dcd0e2a84a -size 6186107 diff --git a/openvswitch-2.7.2.tar.gz b/openvswitch-2.7.2.tar.gz new file mode 100644 index 0000000..a2e90ca --- /dev/null +++ b/openvswitch-2.7.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:fe36c86ed52f6f7c17b01cdbb7ae37bf521cc5c2e50997b618f3f742485f655b +size 6192414 diff --git a/openvswitch.changes b/openvswitch.changes index 2952887..8f33c7f 100644 --- a/openvswitch.changes +++ b/openvswitch.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Wed Jul 19 07:32:59 UTC 2017 - mchandras@suse.de + +- Version bump to 2.7.2. Some of the changes are: + * Revert "netdev: Fix netdev_open() to adhere to class type if given" + * connmgr: Fix crash when in_band_create() fails. + * db-ctl-base: Fix reference-following feature in get_row_by_id(). + * netdev: Fix crash when ifa_netmask is null. + * ovn-controller: fix use-after-free in physical_run() + * ovn-controller: avoid crash when vswitchd connection is lost + * ovsdb-types: Fix memory leak on error path. + * vswitchd: Fix IFACE_STAT name error in iface_refresh_stats + * netdev: Fix crash when interface option is changed to invalid value. + * ofp-util: fix memory leak in ofputil_pull_ofp11_buckets + * configure: Fix check for rte_config.h to handle cross-compilation. + * ofp-util: Check length of buckets in ofputil_pull_ofp15_group_mod() (cve-2017-9265) (bsc#1041447) + * ofp-print: Don't abort on unknown reason in role status message (cve-2017-9263) (bsc#1041470) + ------------------------------------------------------------------- Sat Jul 8 20:42:27 UTC 2017 - jengelh@inai.de diff --git a/openvswitch.spec b/openvswitch.spec index 92b22c0..9c0a7ad 100644 --- a/openvswitch.spec +++ b/openvswitch.spec @@ -32,7 +32,7 @@ %define lname libopenvswitch-2_7-1 Name: openvswitch -Version: 2.7.1 +Version: 2.7.2 Release: 0 Summary: A multilayer virtual network switch # All code is Apache-2.0 except From c3ae8625c4036a549c44c0f9477ebffa34968763abdd08d8fe5a8fea0f67510f Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Mon, 24 Jul 2017 19:07:04 +0000 Subject: [PATCH 5/6] Accepting request 512256 from home:markoschandras:network another library that is missing from the libopenvswitch subpackage OBS-URL: https://build.opensuse.org/request/show/512256 OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=120 --- openvswitch.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvswitch.spec b/openvswitch.spec index 9c0a7ad..040fc5a 100644 --- a/openvswitch.spec +++ b/openvswitch.spec @@ -576,6 +576,7 @@ export DISABLE_RESTART_ON_UPDATE=yes %{_libdir}/libovsdb-2*.so.* %{_libdir}/libsflow-2*.so.* %{_libdir}/libovn-2*.so.* +%{_libdir}/libvtep-2*.so.* %files pki %defattr(-,root,root) @@ -589,7 +590,6 @@ export DISABLE_RESTART_ON_UPDATE=yes %{_mandir}/man8/vtep-ctl.8%{ext_man} %{_datadir}/openvswitch/scripts/ovs-vtep %{_datadir}/openvswitch/vtep.ovsschema -%{_libdir}/libvtep-2*.so.* %files -n python-openvswitch %defattr(-,root,root) From d1d940d22b06c169841ca4725037e14f74c66cab21d2de1f10a6596aa7d6faad Mon Sep 17 00:00:00 2001 From: OBS User mrdocs Date: Sat, 29 Jul 2017 02:26:08 +0000 Subject: [PATCH 6/6] Accepting request 512793 from home:markoschandras:network - Do not restart the ovs-vswitchd and ovsdb-server services on package updates (bsc#1002734) - Do not restart the ovs-vswitchd, ovsdb-server and openvswitch services on package removals. This facilitates potential future package moves but also preserves connectivity when the package is removed (bsc#1050896) OBS-URL: https://build.opensuse.org/request/show/512793 OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=121 --- openvswitch.changes | 10 ++++++++++ openvswitch.spec | 6 ++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/openvswitch.changes b/openvswitch.changes index 8f33c7f..5105e81 100644 --- a/openvswitch.changes +++ b/openvswitch.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Thu Jul 27 13:05:42 UTC 2017 - mchandras@suse.de + +- Do not restart the ovs-vswitchd and ovsdb-server services + on package updates (bsc#1002734) +- Do not restart the ovs-vswitchd, ovsdb-server and openvswitch + services on package removals. This facilitates potential future + package moves but also preserves connectivity when the package is + removed (bsc#1050896) + ------------------------------------------------------------------- Wed Jul 19 07:32:59 UTC 2017 - mchandras@suse.de diff --git a/openvswitch.spec b/openvswitch.spec index 040fc5a..7bc2f51 100644 --- a/openvswitch.spec +++ b/openvswitch.spec @@ -428,8 +428,6 @@ fi %postun /sbin/ldconfig -%service_del_postun ovsdb-server.service -%service_del_postun ovs-vswitchd.service # Do not restart the openvswitch service on package updates. # Restarting the service may break the existing network state. # For example, openflow rules are not automatically re-installed @@ -438,9 +436,13 @@ fi # admin decide when it's the best time for an OvS restart. # 5771f476573445710834234a6a9f7bd999a027e7 ("fedora: do not restart the service on a pkg upgrade") export DISABLE_RESTART_ON_UPDATE=yes +%service_del_postun ovsdb-server.service +%service_del_postun ovs-vswitchd.service %service_del_postun openvswitch.service %pre +# This prevents networking breakages on package removals +export DISABLE_STOP_ON_REMOVAL=yes %service_add_pre ovsdb-server.service %service_add_pre ovs-vswitchd.service %service_add_pre openvswitch.service