| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search | 
| Name: openvswitch-ipsec | Distribution: openSUSE Tumbleweed | 
| Version: 3.6.0 | Vendor: openSUSE | 
| Release: 29.1 | Build date: Thu Aug 21 16:56:11 2025 | 
| Group: Productivity/Networking/System | Build host: reproducible | 
| Size: 60781 | Source RPM: openvswitch-3.6.0-29.1.src.rpm | 
| Packager: http://bugs.opensuse.org | |
| Url: http://openvswitch.org/ | |
| Summary: Open vSwitch IPsec tunneling support | |
This package provides IPsec tunneling support for OVS tunnels.
Apache-2.0
* Thu Aug 21 2025 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Update openvswitch to 3.6.0. For a list of changes, check
    https://www.openvswitch.org/releases/NEWS-3.6.0.txt
* Tue Mar 18 2025 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Fix ovs-flowviz python3 dependencies
  - Rename "python3-ovs" to "python3-openvswitch" for distro consistency
* Mon Mar 10 2025 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  -  Update OVN to 25.03.0 for a list of changes, check
    https://github.com/ovn-org/ovn/blob/v25.03.0/NEWS
* Fri Feb 28 2025 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Update openvswitch to 3.5.0 for a list of changes, check
    https://www.openvswitch.org/releases/NEWS-3.5.0.txt
  - Update patch file 0001-Use-strongswan-for-openvswitch-ipsec-service.patch
  - Update OVN to 24.09.02. For a list of changes, check
    https://github.com/ovn-org/ovn/blob/v24.09.2/NEWS
* Mon Jan 27 2025 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Update openvswitch to 3.3.2. For a list of changes, check
    https://github.com/openvswitch/ovs/blob/v3.3.2/NEWS
  - Update OVN to 24.03.5. For a list of changes, check
    https://github.com/ovn-org/ovn/blob/v24.03.5/NEWS
    - This update fix CVE-2025-0650 ovn: egress ACLs may be bypassed
      via specially crafted UDP packet (bsc#1236353)
* Mon Dec 16 2024 Dominique Leuenberger <dimstar@opensuse.org>
  - Add proper dependency on /usr/sbin/ipsec on openvswitch-ipsec:
    without the binary present, the service crashes on startup
    (boo#1234617).
* Wed Aug 28 2024 Duraisankar P <Duraisankar.pitchumani@suse.com>
  - Update openvswitch to 3.3.1. For a list of changes, check
    https://github.com/openvswitch/ovs/blob/v3.3.1/NEWS
  - Update OVN to 24.03.3. For a list of changes, check
    https://github.com/ovn-org/ovn/blob/v24.03.3/NEWS
  - Drop upstream fixed patches,
    * CVE-2023-1668.patch
    * CVE-2023-3152.patch
    * CVE-2023-5366.patch
    * openvswitch-2.17.8-gcc14-build-fix.patch
    * openvswitch-CVE-2023-3966.patch
  - Updated the patch for version v3.3.1
    * install-ovsdb-tools.patch
* Tue Jul 30 2024 pgajdos@suse.com
  - remove dependency on /usr/bin/python3 using
    %python3_fix_shebang_path macro, [bsc#1212476]
* Tue Jun 04 2024 Martin Jambor <mjambor@suse.com>
  - GCC 14 started to advertise c_atomic extension, older versions
    didn't do that.  Add check for __clang__, so GCC doesn't include
    headers designed for Clang
    (openvswitch-2.17.8-gcc14-build-fix.patch) [boo#1225906]
* Mon Feb 26 2024 Dominique Leuenberger <dimstar@opensuse.org>
  - Use %patch -P N instead of deprecated %patchN.
* Thu Feb 15 2024 Duraisankar P <Duraisankar.pitchumani@suse.com>
  - Fix CVE-2023-3966 [bsc#1219465] openvswitch3: Invalid memory access in Geneve with HW offload
  - Added patch,
      +openvswitch-CVE-2023-3966.patch
* Thu Feb 01 2024 Duraisankar P <Duraisankar.pitchumani@suse.com>
  - Fix CVE-2023-5366 [bsc#1216002], openvswitch: missing masks on a final stage with ports trie
  - Added patch,
    * CVE-2023-5366.patch
* Thu Dec 14 2023 Dirk Müller <dmueller@suse.com>
  - convert to sysuser generated users
* Mon Dec 04 2023 Ana Guerrero <ana.guerrero@suse.com>
  - Add BuildRequires on python-setuptools. Previously this was pulled
    by python-Sphinx in the build environment.
* Thu Sep 07 2023 Duraisankar P <Duraisankar.pitchumani@suse.com>
  - Fix CVE-2023-3153 [bsc#1212125], VUL-0: CVE-2023-3153: openvswitch,openvswitch3: service monitor MAC flow is not rate limited
  - Added patch,
      CVE-2023-3152.patch
* Wed May 17 2023 Duraisankar P <Duraisankar.pitchumani@suse.com>
  - Fix CVE-2023-1668 [bsc#1210054], openvswitch: remote traffic denial of service via crafted packets with IP proto 0
  - Added patch,
      CVE-2023-1668.patch
* Tue May 02 2023 Dominique Leuenberger <dimstar@opensuse.org>
  - Remove python/ovs/dirs.py prior to building: have this
    re-generated based on the shipped template (boo#1210479).
* Wed Apr 05 2023 Duraisankar P <Duraisankar.pitchumani@suse.com>
  - Update OVS version to v3.1.0 and OVN version to v23.03.0
    Some of the features are,
    - ovs-vswitchd now detects changes in CPU affinity and adjusts the number
      of handler and revalidator threads if necessary.
    - AF_XDP:
    * Added support for building with libxdp and libbpf >= 0.7.
    * Support for AF_XDP is now enabled by default if all dependencies are
      available at the build time.  Use --disable-afxdp to disable.
      Use --enable-afxdp to fail the build if dependencies are not present.
    - ovs-appctl:
    * "ovs-appctl ofproto/trace" command can now display port names with the
      "--names" option.
    - OVSDB-IDL:
    * Add the support to specify the persistent uuid for row insert in both
      C and Python IDLs.
    - Windows:
    * Conntrack IPv6 fragment support.
    - DPDK:
    * Add support for DPDK 22.11.1.
    - For the QoS max-rate and STP/RSTP path-cost configuration OVS now assumes
      10 Gbps link speed by default in case the actual link speed cannot be
      determined.  Previously it was 10 Mbps.  Values can still be overridden
      by specifying 'max-rate' or '[r]stp-path-cost' accordingly.
    - OpenFlow:
    * New OpenFlow extension NXT_CT_FLUSH to flush connections matching
      the specified fields.
    - ovs-ctl:
    * New option '--dump-hugepages' to include hugepages in core dumps. This
      can assist with postmortem analysis involving DPDK, but may also produce
      significantly larger core dump files.
    - ovs-dpctl and 'ovs-appctl dpctl/' commands:
    * 'flush-conntrack' is now capable of handling partial 5-tuple,
      with additional optional parameter to specify the reply direction.
    - ovs-ofctl:
    * New command 'flush-conntrack' that accepts zone and 5-tuple (or partial
      5-tuple) for both directions.
    - Support for travis-ci.org based continuous integration builds has been
      dropped.
    - Userspace datapath:
    * Add '-secs' argument to appctl 'dpif-netdev/pmd-rxq-show' to show
      the pmd usage of an Rx queue over a configurable time period.
    * Add new experimental PMD load based sleeping feature. PMD threads can
      request to sleep up to a user configured 'pmd-maxsleep' value under
      low load conditions.
    - For more details, check
      https://github.com/openvswitch/ovs/blob/v3.1.0/NEWS
    - Includes secrity fix for CVE-2022-4338 (bsc#1206580) and CVE-2022-4337 (bsc#1206581)
    - Removed patches,
    * 0001-Replace-deprecated-var-run-with-run.patch
    * 0001-openvswitch-merge-compiler.h-files-into-one-file.patch
    * openvswitch-CVE-2021-36980.patch
    * 0002-build-Seperated-common-used-headers.patch
    * a77ad9693c8b49055389559187fe74eddb619746.patch
    * 0001-m4-Test-avx512-for-x86-only.patch
    * openvswitch-2.17.2-Fix-tests-with-GNU-grep-3.8.patch
    - Renamed and rebased patches,
    * 0001-Don-t-change-permissions-of-dev-hugepages.patch
    * 0001-Use-double-hash-for-OVS_USER_ID-comment.patch
    * 0001-Run-ovn-as-openvswitch-openvswitch.patch
    * 0001-Use-strongswan-for-openvswitch-ipsec-service.patch
    * 0001-Run-openvswitch-as-openvswitch-openvswitch.patch
    - Added ovsb tool install patch,
    * install-ovsdb-tools.patch
* Thu Sep 29 2022 Dirk Müller <dmueller@suse.com>
  - add a77ad9693c8b49055389559187fe74eddb619746.patch to avoid
    the cpu detection code being compiled with AVX512 enabled
  - add 0001-m4-Test-avx512-for-x86-only.patch
* Mon Sep 12 2022 Andreas Stieger <andreas.stieger@gmx.de>
  - fix tests with GNU grep 3.8 boo#1203239
    add openvswitch-2.17.2-Fix-tests-with-GNU-grep-3.8.patch
* Wed Aug 03 2022 Dirk Müller <dmueller@suse.com>
  - update to 2.17.2:
    - Bug fixes
    - DPDK:
    * OVS validated with DPDK 21.11.1.  It is recommended to use this version
      until further releases.
    - Bug fixes
    - libopenvswitch API change:
    * To fix the Undefined Behavior issue causing the compiler to incorrectly
      optimize important parts of code, container iteration macros (e.g.,
      LIST_FOR_EACH) have been re-implemented in a UB-safe way.
    * Backwards compatibility has mostly been preserved, however the
      user-provided pointer is now set to NULL after the loop (unless it
      exited via "break;")
    * Users of libopenvswitch will need to double-check the use of such loop
      macros before compiling with a new version.
    * Since the change is limited to the definitions within the headers, the
      ABI is not affected.
  - refresh 0001-openvswitch-merge-compiler.h-files-into-one-file.patch
    0002-build-Seperated-common-used-headers.patch
* Fri May 13 2022 Dominique Leuenberger <dimstar@opensuse.org>
  - Allow dpdk version 21.11.
* Fri Apr 22 2022 Ferdinand Thiessen <rpm@fthiessen.de>
  - Python package: Do not use C json parser on 32bit as large numbers
    will overflow.
* Sun Apr 03 2022 Ferdinand Thiessen <rpm@fthiessen.de>
  - Mention openvswitch-rpmlintrc as Source in spec file
* Mon Mar 14 2022 Ferdinand Thiessen <rpm@fthiessen.de>
  - Fix installation of files shared with OVN (required for building
    OVN without openvswitch sources), remove custom installation
    of internal headers from SPEC-install section and use patches
    (for upstreaming) instead.
    * install-ovsdb-tools.patch
    * Added 0001-openvswitch-merge-compiler.h-files-into-one-file.patch
    * Added 0002-build-Seperated-common-used-headers.patch
  - Enabled check section / running testsuite by default to validate
    build result. There must no problems with the testsuite anymore as
    upstream runs it by CI and checked before release of a new version.
  - Renamed 0001-Don-t-change-permissions-of-dev-hugepages.patch to
    Don-t-change-permissions-of-dev-hugepages.patch
  - Renamed 0001-Run-openvswitch-as-openvswitch-openvswitch.patch to
    Run-openvswitch-as-openvswitch-openvswitch.patch
  - Renamed 0001-Use-double-hash-for-OVS_USER_ID-comment.patch to
    Use-double-hash-for-OVS_USER_ID-comment.patch
  - Rebased 0001-Use-strongswan-for-openvswitch-ipsec-service.patch to
    Use-strongswan-for-openvswitch-ipsec-service.patch
* Fri Mar 11 2022 Ferdinand Thiessen <rpm@fthiessen.de>
  - Fix OVS location for python bindings (dirs.py), boo#1196978
    Make sure dirs.py is freshly generated
* Mon Mar 07 2022 Dirk Müller <dmueller@suse.com>
  - fix python3 requires (bsc#1196758)
* Sun Feb 27 2022 Ferdinand Thiessen <rpm@fthiessen.de>
  - Added install-ovsdb-tools.patch to install ovsdb tools required
    for building OVN
* Sat Feb 26 2022 Ferdinand Thiessen <rpm@fthiessen.de>
  - Enable multiple python3 flavor subpackages on Tumbleweed / Factory
* Sat Feb 26 2022 Ferdinand Thiessen <rpm@fthiessen.de>
  - Update OVS to version 2.17.0
    * Userspace datapath:
    * Optimized flow lookups for datapath flows with simple match criteria.
    * New per-interface configuration knob 'other_config:tx-steering'.
    * Removed experimental tag for PMD Auto Load Balance.
    * New configuration knob 'other_config:n-offload-threads' to change the
      number of HW offloading threads.
    * DPDK:
    * EAL argument --socket-mem is no longer configured by default upon
      start-up.  If dpdk-socket-mem and dpdk-alloc-mem are not specified,
      DPDK defaults will be used.
    * EAL argument --socket-limit no longer takes on the value of --socket-mem
      by default.  'other_config:dpdk-socket-limit' can be set equal to
      the 'other_config:dpdk-socket-mem' to preserve the legacy memory
      limiting behavior.
    * EAL argument --in-memory is applied by default if supported.
    * Add support for DPDK 21.11.
    * Forbid use of DPDK multiprocess feature.
    * Add support for running threads on cores >= RTE_MAX_LCORE.
    * Python: For SSL support, the use of the pyOpenSSL library has
      been replaced with the native 'ssl' module.
    * OVSDB:
    * Python library for OVSDB clients now also supports faster
      resynchronization with a clustered database after a brief disconnection,
      i.e. 'monitor_cond_since' monitoring method.
    * Major improvement in the performance of the OVSDB server.
    * OpenFlow:
    * Default selection method for select groups with up to 256 buckets is
      now dp_hash.  Previously this was limited to 64 buckets.  This change
      is mainly for the benefit of OVN load balancing configurations.
    * Encap & Decap action support for MPLS packet type.
  - Update OVS to version 2.16.0
    * Fix CVE-2021-36980 (boo#1188524)
      openvswitch 2.11.0 through 2.15.0 has a use-after-free in
      decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode)
      during the decoding of a RAW_ENCAP action
    * Removed support for 1024-bit Diffie-Hellman key exchange
    * Rate limiting configuration now supports setting packet-per-second
      limits in addition to the previously configurable byte rate settings.
    * OVSDB:
    * Introduced new database service model - "relay".
    * New command line options --record/--replay for ovsdb-server and
      ovsdb-client to record and replay all the incoming transactions,
      monitors, etc.
    * The Python Idl class now has a cooperative_yield() method
    * In ovs-vsctl and vtep-ctl, the "find" command now accept new
      operators {in} and {not-in}.
    * Various Userspace datapath improvements
    * ovs-ctl:
    * New option '--no-record-hostname' to disable hostname configuration
      in ovsdb on startup.
    * New command 'record-hostname-if-not-set' to update hostname in ovsdb.
    * ovs-appctl: Added ability to add and delete static mac entries using:
      'ovs-appctl fdb/add <bridge> <port> <vlan> <mac>'
      'ovs-appctl fdb/del <bridge> <vlan> <mac>'
    * Linux datapath:
    * ovs-vswitchd will configure the kernel module using per-cpu dispatch
      mode (if available). This changes the way upcalls are delivered to
      user space in order to resolve a number of issues with per-vport dispatch.
    * New vswitchd unixctl command `dpif-netlink/dispatch-mode` will return
      the current dispatch mode for each datapath.
  - Update OVS to version 2.15.0
    * OVSDB:
    * Changed format in which ovsdb transactions are stored in
      database files. Now each transaction contains diff of data
      instead of the whole new value of a column.
    * New unixctl command 'ovsdb-server/get-db-storage-status'
    * New unixctl command 'ovsdb-server/memory-trim-on-compaction on|off'.
    * Maximum backlog on RAFT connections limited to 500 messages or 4GB.
    * DPDK: Removed support for vhost-user dequeue zero-copy.
    * Add support for DPDK 20.11.
    * The environment variable OVS_UNBOUND_CONF, if set, is now used
      as the DNS resolver's (unbound) configuration file.
    * Linux datapath: Support for kernel versions up to 5.8.x.
    * Building the Linux kernel module from the OVS source tree is deprecated
    * Support for the Linux kernel is capped at version 5.8
    * Only bug fixes for the Linux OOT kernel module will be accepted.
    * The Linux kernel module will be fully removed from the OVS source tree
      in OVS branch 2.18
  - Rebased 0001-Use-strongswan-for-openvswitch-ipsec-service.patch
  - Drop upstream fixed 0001-Replace-deprecated-var-run-with-run.patch
  - Separated OVN
    * Stand alone package, this enables better maintenance
      especially updates.
    * Drop 0001-Run-ovn-as-openvswitch-openvswitch.patch from OVN
/usr/lib/systemd/system/openvswitch-ipsec.service /usr/sbin/rcopenvswitch-ipsec /usr/share/openvswitch/scripts/ovs-monitor-ipsec
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Oct 24 23:31:51 2025