ELSA-2024-2033 - libreswan security and bug fix update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2024-04-24 |
Description
[4.12-1.0.1.1]
- Add libreswan-oracle.patch to detect Oracle Linux distro
[4.12-1.1]
- Fix CVE-2024-2357 (RHEL-29734)
- x509: unpack IPv6 general names based on length (RHEL-32719)
[4.12-1]
- Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712
- Resolves: rhbz#2215956
[4.9-5]
- Just bumping up the version to include bugs for CVE-2023-2295. There is no
code fix for it. Fix for it is including the code fix for CVE-2023-30570.
- Fix CVE-2023-2295 Regression of CVE-2023-30570 fixes in the
Red Hat Enterprise Linux
- Resolves: rhbz#2189777, rhbz#2190148
[4.9-4]
- Just bumping up the version as an incorrect 9.3 build was created.
- Related: rhbz#2187171
[4.9-3]
- Fix CVE-2023-30570:Malicious IKEv1 Aggressive Mode packets can crash
libreswan
- Resolves: rhbz#2187171
[4.9-2]
- Fix CVE-2023-23009: remote DoS via crafted TS payload with an
incorrect selector length (rhbz#2173674)
[4.9-1]
- Update to 4.9. Resolves: rhbz#2128669
- Switch to using %autopatch as in Fedora
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle Linux 9 (aarch64) | libreswan-4.12-1.0.1.el9_3.1.src.rpm | 6a59cd623f09a976e6858d50edf53e5b1dff3b8a913903997c1346481c78ed74 | - | ol9_aarch64_appstream |
| libreswan-4.12-1.0.1.el9_3.1.aarch64.rpm | df47f9c368c06bdd6100274eba295f2c38431a7e76d6f20cfd027832b2e06557 | - | ol9_aarch64_appstream |
|
| Oracle Linux 9 (x86_64) | libreswan-4.12-1.0.1.el9_3.1.src.rpm | 6a59cd623f09a976e6858d50edf53e5b1dff3b8a913903997c1346481c78ed74 | - | ol9_x86_64_appstream |
| libreswan-4.12-1.0.1.el9_3.1.x86_64.rpm | 67595dd0523c938ec34652dcb21bf9130df969070111ff48ea399db41b15b52b | - | ol9_x86_64_appstream |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
