ELSA-2019-3391 - libreswan security and bug fix update
| Type: | SECURITY |
| Impact: | LOW |
| Release Date: | 2019-11-14 |
Description
[3.29-6.0.1]
- Add libreswan-oracle.patch to detect Oracle Linux distro
[3.29-6]
- Resolves: rhbz#1714331 support NSS based IKE KDFs [require updated nss for rhbz 1738689, memleak fix]
[3.29-5]
- Resolves: rhbz#1714331 support NSS based IKE KDFs so libreswan does not need FIPS certification
[3.29-4]
- Resolves: rhbz#1699318 'ipsec show' has python3 invalid syntax
[3.29-3]
- Resolves: rhbz#1725205 XFRM policy for OE/32 peer is deleted when shunts for previous half-open state expire
[3.29-2]
- Resolves: rhbz#1723957 libreswan is missing linux audit calls for failed IKE SAs and failed IPsec SAs required for Common Criteria
[3.29-1]
- Resolves: rhbz#1712555 libreswan rebase to 3.29
[3.28-2]
- Resolves: rhbz#1713734: barf: shell syntax error in barf diagnostic tool
[3.28-1]
- Resolves: rhbz#1712555 libreswan rebase to 3.28
- Resolves: rhbz#1683706 Libreswan shows incorrect error messages
- Resolves: rhbz#1706180 Remove last usage of old (unused) PF_KEY API
- Resolves: rhbz#1677045 Opportunistic IPsec instances of /32 groups or auto=start that receive delete wont restart
- Resolves: rhbz#1686990 IKEv1 traffic interruption when responder deletes SAs 60 seconds before EVENT_SA_REPLACE
- Resolves: rhbz#1608353 /usr/sbin/ipsec part of the libreswan packages still invokes commands that were deprecated a decade ago
- Resolves: rhbz#1699318 'ipsec show' has python3 invalid syntax
- Resolves: rhbz#1679394 libreswan using NSS IPsec profiles regresses when critical flags are set causing validation failure
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle Linux 8 (aarch64) | libreswan-3.29-6.0.1.el8.src.rpm | 97707953ab6f6e491b08080a3a93600e7322e122c7d38f6e21218a412697a833 | - | ol8_aarch64_appstream |
| libreswan-3.29-6.0.1.el8.aarch64.rpm | 0cbff55fc496f692f67f16b1638d3639eb9407061045eb9ed983b45133094739 | - | ol8_aarch64_appstream |
|
| Oracle Linux 8 (x86_64) | libreswan-3.29-6.0.1.el8.src.rpm | 97707953ab6f6e491b08080a3a93600e7322e122c7d38f6e21218a412697a833 | - | ol8_x86_64_appstream |
| libreswan-3.29-6.0.1.el8.x86_64.rpm | 48cbb4529a4007a1fe18b96a03baf2721c931a909fe379acda4ddafebf148557 | - | ol8_x86_64_appstream |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
