Описание
ELSA-2019-3391: libreswan security and bug fix update (LOW)
[3.29-6.0.1]
- Add libreswan-oracle.patch to detect Oracle Linux distro
[3.29-6]
- Resolves: rhbz#1714331 support NSS based IKE KDFs [require updated nss for rhbz 1738689, memleak fix]
[3.29-5]
- Resolves: rhbz#1714331 support NSS based IKE KDFs so libreswan does not need FIPS certification
[3.29-4]
- Resolves: rhbz#1699318 'ipsec show' has python3 invalid syntax
[3.29-3]
- Resolves: rhbz#1725205 XFRM policy for OE/32 peer is deleted when shunts for previous half-open state expire
[3.29-2]
- Resolves: rhbz#1723957 libreswan is missing linux audit calls for failed IKE SAs and failed IPsec SAs required for Common Criteria
[3.29-1]
- Resolves: rhbz#1712555 libreswan rebase to 3.29
[3.28-2]
- Resolves: rhbz#1713734: barf: shell syntax error in barf diagnostic tool
[3.28-1]
- Resolves: rhbz#1712555 libreswan rebase to 3.28
- Resolves: rhbz#1683706 Libreswan shows incorrect error messages
- Resolves: rhbz#1706180 Remove last usage of old (unused) PF_KEY API
- Resolves: rhbz#1677045 Opportunistic IPsec instances of /32 groups or auto=start that receive delete wont restart
- Resolves: rhbz#1686990 IKEv1 traffic interruption when responder deletes SAs 60 seconds before EVENT_SA_REPLACE
- Resolves: rhbz#1608353 /usr/sbin/ipsec part of the libreswan packages still invokes commands that were deprecated a decade ago
- Resolves: rhbz#1699318 'ipsec show' has python3 invalid syntax
- Resolves: rhbz#1679394 libreswan using NSS IPsec profiles regresses when critical flags are set causing validation failure
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
libreswan
3.29-6.0.1.el8
Oracle Linux x86_64
libreswan
3.29-6.0.1.el8
Связанные CVE
Связанные уязвимости
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.
The Libreswan Project has found a vulnerability in the processing of I ...
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.