oss-sec mailing list archives

OpenDaylight security advisory: CVE-2015-1778 authentication bypass, CVE-2015-1611 CVE-2015-1612 topology spoofing via LLDP

From: David Jorm <david.jorm () gmail com>
Date: Fri, 20 Mar 2015 15:08:58 +1000

Hi All

OpenDaylight Helium SR3 has now been released, including patches for two
security vulnerabilities:

[Important] CVE-2015-1778 OpenDaylight: authentication bypass

[Moderate] CVE-2015-1611 CVE-2015-1612 openflowplugin: topology spoofing
via LLDP

Full details, including links to patched builds, are available on the
OpenDaylight security advisories page:

https://wiki.opendaylight.org/view/Security_Advisories
Thanks
David Jorm on behalf of the OpenDaylight security response team

Current thread:

OpenDaylight security advisory: CVE-2015-1778 authentication bypass, CVE-2015-1611 CVE-2015-1612 topology spoofing via LLDP David Jorm (Mar 19)