Description:
LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices.
Security Fix(es):
* lldp/openvswitch: denial of service via externally triggered memory leak (CVE-2020-27827)
* lldpd: out-of-bounds read when decoding SONMP packets (CVE-2021-43612)
* lldpd: CDP PDU Packet cdp.c out-of-bounds read (CVE-2023-41910)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
lldpd-1.0.18-4.el9.aarch64.rpm |
34583f00cb0bc1b0de689d121acfa29fcd6359bb81545b0e5f0046c1b84acde5 |
| aarch64 |
lldpd-devel-1.0.18-4.el9.aarch64.rpm |
5d1b916e3daea5c123df1d5097b73edf1131145a9eb4683ba73409a39de40644 |
| i686 |
lldpd-devel-1.0.18-4.el9.i686.rpm |
995a35d5af41ed8ad0d248d705d1a54730d48ba1defbc9d858aea224e0cb4bfd |
| i686 |
lldpd-1.0.18-4.el9.i686.rpm |
b73d50d94c66efe1342d32555b0863db07347ca5e57e4c755be069e2f3df15a5 |
| ppc64le |
lldpd-1.0.18-4.el9.ppc64le.rpm |
1814ee6f05870a51446155241a06127c1a2af03d02ecda2b22c242e1d0e04359 |
| ppc64le |
lldpd-devel-1.0.18-4.el9.ppc64le.rpm |
ef12aa5cda022d7cf9464010dc5d008d41352c215c05ef2c6fab393f107f029c |
| s390x |
lldpd-devel-1.0.18-4.el9.s390x.rpm |
50c3b99c54e9594d89f6413361de3b3a37296b57d302409a0054806122536a8e |
| s390x |
lldpd-1.0.18-4.el9.s390x.rpm |
5f4746c404763b7b5a076590bd8e7d98250e2cb7d1b31ddef29da1fb3504baf1 |
| x86_64 |
lldpd-1.0.18-4.el9.x86_64.rpm |
5b1db689c16395fb4732be6663668ca6cee221379faa43784dd5493daadca02c |
| x86_64 |
lldpd-devel-1.0.18-4.el9.x86_64.rpm |
8b31cc60ec93acf2b8a831a8f6679828c796cbdb594b2448f3c6c1d128f94404 |
