ELSA-2019-3391 - libreswan security and bug fix update
| Type: | SECURITY |
| Severity: | LOW |
| Release Date: | 2019-11-14 |
Description
[3.29-6.0.1]
- Add libreswan-oracle.patch to detect Oracle Linux distro
[3.29-6]
- Resolves: rhbz#1714331 support NSS based IKE KDFs [require updated nss for rhbz 1738689, memleak fix]
[3.29-5]
- Resolves: rhbz#1714331 support NSS based IKE KDFs so libreswan does not need FIPS certification
[3.29-4]
- Resolves: rhbz#1699318 'ipsec show' has python3 invalid syntax
[3.29-3]
- Resolves: rhbz#1725205 XFRM policy for OE/32 peer is deleted when shunts for previous half-open state expire
[3.29-2]
- Resolves: rhbz#1723957 libreswan is missing linux audit calls for failed IKE SAs and failed IPsec SAs required for Common Criteria
[3.29-1]
- Resolves: rhbz#1712555 libreswan rebase to 3.29
[3.28-2]
- Resolves: rhbz#1713734: barf: shell syntax error in barf diagnostic tool
[3.28-1]
- Resolves: rhbz#1712555 libreswan rebase to 3.28
- Resolves: rhbz#1683706 Libreswan shows incorrect error messages
- Resolves: rhbz#1706180 Remove last usage of old (unused) PF_KEY API
- Resolves: rhbz#1677045 Opportunistic IPsec instances of /32 groups or auto=start that receive delete wont restart
- Resolves: rhbz#1686990 IKEv1 traffic interruption when responder deletes SAs 60 seconds before EVENT_SA_REPLACE
- Resolves: rhbz#1608353 /usr/sbin/ipsec part of the libreswan packages still invokes commands that were deprecated a decade ago
- Resolves: rhbz#1699318 'ipsec show' has python3 invalid syntax
- Resolves: rhbz#1679394 libreswan using NSS IPsec profiles regresses when critical flags are set causing validation failure
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 8 (aarch64) | libreswan-3.29-6.0.1.el8.src.rpm | c0b43cddf1cdcd244ac7421a7ffee7ec | - |
| libreswan-3.29-6.0.1.el8.aarch64.rpm | 45c535ada719bad11bcf5acd424d311c | - |
|
| Oracle Linux 8 (x86_64) | libreswan-3.29-6.0.1.el8.src.rpm | c0b43cddf1cdcd244ac7421a7ffee7ec | - |
| libreswan-3.29-6.0.1.el8.x86_64.rpm | 7653ed2445de2f9d5b75a16f699291a4 | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
