From 2f8416a0575c1f8dad0be9b2d6e572143b931eac Mon Sep 17 00:00:00 2001 From: Sabeel Ansari Date: Mon, 17 Jul 2023 11:42:26 -0700 Subject: [PATCH 1/2] Update IPDK 23.07 release notes to include gRPC CVE fixes Signed-off-by: Sabeel Ansari --- RELEASENOTES.md | 1 + 1 file changed, 1 insertion(+) diff --git a/RELEASENOTES.md b/RELEASENOTES.md index a8b01578..2c06f1bb 100644 --- a/RELEASENOTES.md +++ b/RELEASENOTES.md @@ -64,6 +64,7 @@ in multiple control planes environment) * Introduction of `sgnmi_cli`, a secure-by-default gNMI client (Intel IPU E2100 target only) * Library updates to address security issues + * Fixed in `gRPC` v1.54.2: CVE-2023-32731, CVE-2023-32732, CVE-2023-1428 * Fixed in `c-ares` v1.19.0: CVE-2022-4904 * Fixed in `c-ares` v1.19.1: CVE-2023-32067, CVE-2023-31147, CVE-2023-31130, CVE-2023-31124 From f968e634f3de84426592cb2e937270a4fca28c4f Mon Sep 17 00:00:00 2001 From: Sabeel Ansari Date: Wed, 19 Jul 2023 07:19:33 -0700 Subject: [PATCH 2/2] Update VXLAN limitation text in release notes Signed-off-by: Sabeel Ansari --- RELEASENOTES.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/RELEASENOTES.md b/RELEASENOTES.md index f2a61e84..ea6ddf21 100644 --- a/RELEASENOTES.md +++ b/RELEASENOTES.md @@ -117,8 +117,7 @@ first rule devmem 0x20292002a0 64 0xA000050000000006 ``` - * VXLAN destination port should always be the standard port (4789) to - satisfy parser limitations + * VXLAN destination port is fixed to be the standard port (4789) * ofproto rules that alter FDB learning on OVS are not supported * Tagged packets are not supported