Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2015-1979

Опубликовано: 03 нояб. 2015
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2015-1979: libreswan security and enhancement update (MODERATE)

[3.15-5.0.1]

  • add libreswan-oracle.patch to detect Oracle Linux distro

[3.15-5]

  • Resolves: rhbz#1273719 libreswan FIPS test mistakenly looks for non-existent file hashes

[3.15-4]

  • Resolves: rhbz#1268775 libreswan should support strictcrlpolicy alias
  • Resolves: rhbz#1268776 Pluto crashes after stop when I use floating ip address
  • Resolves: rhbz#1268773 Pluto crashes on INITIATOR site during 'service ipsec stop'
  • Resolves: rhbz#1208022 libreswan ignores module blacklist rules
  • Resolves: rhbz#1270673 ipsec does not work properly on loopback

[3.15-2]

  • Resolves: rhbz#1259208 CVE-2015-3240
  • Merge rhel6 and rhel7 spec into one
  • Be lenient for racoon padding behaviour
  • Fix seedev option to /dev/random
  • Some IKEv1 PAM methods always gave 'Permission denied'
  • Parser workarounds for differences in gcc/flex/bison on rhel6/rhel7
  • Parser fix to allow specifying time without unit (openswan compat)
  • Fix Labeled IPsec on rekeyed IPsec SA's
  • Workaround for wrong padding by racoon2
  • Disable NSS HW GCM to workaround rhel6 xen builers bug

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

libreswan

3.15-5.0.1.el7_1

Связанные CVE

CVE-2015-3240

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2015-3240

ubuntu
почти 10 лет назад

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet.

redhat логотип

CVE-2015-3240

redhat
около 10 лет назад

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet.

nvd логотип

CVE-2015-3240

nvd
почти 10 лет назад

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet.

debian логотип

CVE-2015-3240

debian
почти 10 лет назад

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6. ...

github логотип

GHSA-m56r-f6p2-qgw5

github
больше 3 лет назад

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet.