Moderate: libreswan security update

🗓️ 08 Jul 2024 00:00:00Reported by AlmaLinuxType

almalinux

almalinux🔗 errata.almalinux.org👁 26 Views

Libreswan security update, fix for IKEv1 cras

Reporter	Title	Published	Views	Family All 102
ATTACKERKB	CVE-2024-3652	11 Apr 202402:15	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : libreswan (ALAS2023-2024-621)	28 May 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libreswan (ALAS-2024-2596)	23 Jul 202400:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0207: libreswan (ALINUX3-SA-2024:0207)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : libreswan (ALSA-2024:4050)	24 Jun 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : libreswan (ALSA-2024:4376)	10 Jul 202400:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: libreswan (CVE-2024-3652)	1 Apr 202500:00	–	nessus
Tenable Nessus	Fedora 40 : libreswan (2024-05a6ab143e)	1 Jul 202400:00	–	nessus
Tenable Nessus	Fedora 39 : libreswan (2024-07c9cfd337)	1 Jul 202400:00	–	nessus
Tenable Nessus	Fedora 41 : libreswan (2024-342c3cc98f)	14 Nov 202400:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
almalinux	8	x86_64	libreswan	4.12-2.el8_10.4	libreswan-4.12-2.el8_10.4.x86_64.rpm
almalinux	8	aarch64	libreswan	4.12-2.el8_10.4	libreswan-4.12-2.el8_10.4.aarch64.rpm
almalinux	8	ppc64le	libreswan	4.12-2.el8_10.4	libreswan-4.12-2.el8_10.4.ppc64le.rpm
almalinux	8	s390x	libreswan	4.12-2.el8_10.4	libreswan-4.12-2.el8_10.4.s390x.rpm

Source	Link
access	www.access.redhat.com/errata/RHSA-2024:4376
access	www.access.redhat.com/security/cve/CVE-2024-3652
bugzilla	www.bugzilla.redhat.com/2274448
errata	www.errata.almalinux.org/8/ALSA-2024-4376.html

09 Jul 2024 12:36Current

7.1High risk

Vulners AI Score7.1

CVSS 3.16.5

EPSS0.008

SSVC

libreswan ipsec ike linux cryptography authentication encryption tunnel vpn cve-2024-3652 security fix