lib/cfm.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] cfm: reduce "long delay" message from warn to info, to match
 BFD behavior.

These messages can cause the testsuite to fail on a busy build machine
since the testsuite treats WARN or ERR log messages as failures.  BFD
uses an INFO message instead of WARN, so this just changes CFM to match.

Alternatively, the testsuite could ignore "long delay" messages (it ignores
some other categories of messages).  In that case I'd expect that we'd
want to change BFD to match CFM since I don't know of a reason why they

utilities/ovs-appctl.c | 15 13 + 2 - 0 !
1 file changed, 13 insertions(+), 2 deletions(-)

 [patch] ovs-appctl: add logging options.

Normally I would also add documentation for the logging options to the
ovs-appctl manpage, but I am concerned that in this case it would actually
make the manpage confusing, because one of the main purposes of ovs-appctl
is to modify the log levels of *other* programs, and these options only
modify the log level of ovs-appctl itself, which is rarely useful.

The following commit will start using these logging options in a test.

Signed-off-by: Ben Pfaff <blp@nicira.com>

tests/ofproto-dpif.at | 8 4 + 4 - 0 !
1 file changed, 4 insertions(+), 4 deletions(-)

 [patch] tests: turn off appctl poll_loop logging for long output.

One of the VMware internal autobuilder builds failed due to extraneous
logging in these tests of the form:

   2014-07-28T21:11:07Z|00001|poll_loop|INFO|wakeup due to [POLLIN] on fd 3
   (...) at lib/stream-fd-unix.c:124 (93% CPU usage)

I think this must be because these tests have tons of output and so on a
loaded machine it can take some CPU to pull it down.  We don't want to fail
for that reason, so disable this logging.

Signed-off-by: Ben Pfaff <blp@nicira.com>

lib/flow.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 [patch branch-2.3] flow: fix buffer overflow for crafted mpls packets.

A bug in MPLS parsing could cause a crafted MPLS packet to overflow the
buffer reserved for MPLS labels in the OVS internal flow structure.  This
fixes the problem.

This commit also fixes a secondary problem where an MPLS packet with zero
labels could cause an out-of-range shift that would overwrite memory.
There is no obvious way to control the data used in the overwrite, so this
is harder to exploit.

Vulnerability: CVE-2016-2074
Reported-by: Kashyap Thimmaraju <kashyap.thimmaraju@sec.t-labs.tu-berlin.de>
Reported-by: Bhargava Shastry <bshastry@sec.t-labs.tu-berlin.de>
Signed-off-by: Ben Pfaff <blp@ovn.org>