ELSA-2024-2033 - libreswan security and bug fix update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2024-04-24 |
Description
[4.12-1.0.1.1]
- Add libreswan-oracle.patch to detect Oracle Linux distro
[4.12-1.1]
- Fix CVE-2024-2357 (RHEL-29734)
- x509: unpack IPv6 general names based on length (RHEL-32719)
[4.12-1]
- Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712
- Resolves: rhbz#2215956
[4.9-5]
- Just bumping up the version to include bugs for CVE-2023-2295. There is no
code fix for it. Fix for it is including the code fix for CVE-2023-30570.
- Fix CVE-2023-2295 Regression of CVE-2023-30570 fixes in the
Red Hat Enterprise Linux
- Resolves: rhbz#2189777, rhbz#2190148
[4.9-4]
- Just bumping up the version as an incorrect 9.3 build was created.
- Related: rhbz#2187171
[4.9-3]
- Fix CVE-2023-30570:Malicious IKEv1 Aggressive Mode packets can crash
libreswan
- Resolves: rhbz#2187171
[4.9-2]
- Fix CVE-2023-23009: remote DoS via crafted TS payload with an
incorrect selector length (rhbz#2173674)
[4.9-1]
- Update to 4.9. Resolves: rhbz#2128669
- Switch to using %autopatch as in Fedora
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
|
| Oracle Linux 9 (aarch64) | libreswan-4.12-1.0.1.el9_3.1.src.rpm | 37ced7f807064bf0e13414ce38bd8800 | - | ol9_aarch64_appstream |
| libreswan-4.12-1.0.1.el9_3.1.aarch64.rpm | 7e6904227ae56d692eb86cd55138c6af | - | ol9_aarch64_appstream |
|
| Oracle Linux 9 (x86_64) | libreswan-4.12-1.0.1.el9_3.1.src.rpm | 37ced7f807064bf0e13414ce38bd8800 | - | ol9_x86_64_appstream |
| libreswan-4.12-1.0.1.el9_3.1.x86_64.rpm | 43a0a184b08cbc6546715ab88004c0fc | - | ol9_x86_64_appstream |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
