ELSA-2024-2033

ELSA-2024-2033 - libreswan security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2024-04-24

Description


[4.12-1.0.1.1]
- Add libreswan-oracle.patch to detect Oracle Linux distro

[4.12-1.1]
- Fix CVE-2024-2357 (RHEL-29734)
- x509: unpack IPv6 general names based on length (RHEL-32719)

[4.12-1]
- Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712
- Resolves: rhbz#2215956

[4.9-5]
- Just bumping up the version to include bugs for CVE-2023-2295. There is no
code fix for it. Fix for it is including the code fix for CVE-2023-30570.
- Fix CVE-2023-2295 Regression of CVE-2023-30570 fixes in the
Red Hat Enterprise Linux
- Resolves: rhbz#2189777, rhbz#2190148

[4.9-4]
- Just bumping up the version as an incorrect 9.3 build was created.
- Related: rhbz#2187171

[4.9-3]
- Fix CVE-2023-30570:Malicious IKEv1 Aggressive Mode packets can crash
libreswan
- Resolves: rhbz#2187171

[4.9-2]
- Fix CVE-2023-23009: remote DoS via crafted TS payload with an
incorrect selector length (rhbz#2173674)

[4.9-1]
- Update to 4.9. Resolves: rhbz#2128669
- Switch to using %autopatch as in Fedora


Related CVEs


CVE-2024-2357

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) libreswan-4.12-1.0.1.el9_3.1.src.rpm37ced7f807064bf0e13414ce38bd8800-ol9_aarch64_appstream
libreswan-4.12-1.0.1.el9_3.1.aarch64.rpm7e6904227ae56d692eb86cd55138c6af-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) libreswan-4.12-1.0.1.el9_3.1.src.rpm37ced7f807064bf0e13414ce38bd8800-ol9_x86_64_appstream
libreswan-4.12-1.0.1.el9_3.1.x86_64.rpm43a0a184b08cbc6546715ab88004c0fc-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete