Lucene search

K
oraclelinuxOracleLinuxELSA-2024-2033
HistoryApr 24, 2024 - 12:00 a.m.

libreswan security and bug fix update

2024-04-2400:00:00
linux.oracle.com
4
libreswan
security update
bug fix
oracle linux
ipv6
cve-2024-2357
cve-2024-2357
cve-2023-38710
cve-2023-38711
cve-2023-38712
cve-2023-2295
cve-2023-30570
remote dos

7.5 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

[4.12-1.0.1.1]

  • Add libreswan-oracle.patch to detect Oracle Linux distro
    [4.12-1.1]
  • Fix CVE-2024-2357 (RHEL-29734)
  • x509: unpack IPv6 general names based on length (RHEL-32719)
    [4.12-1]
  • Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712
  • Resolves: rhbz#2215956
    [4.9-5]
  • Just bumping up the version to include bugs for CVE-2023-2295. There is no
    code fix for it. Fix for it is including the code fix for CVE-2023-30570.
  • Fix CVE-2023-2295 Regression of CVE-2023-30570 fixes in the
    Red Hat Enterprise Linux
  • Resolves: rhbz#2189777, rhbz#2190148
    [4.9-4]
  • Just bumping up the version as an incorrect 9.3 build was created.
  • Related: rhbz#2187171
    [4.9-3]
  • Fix CVE-2023-30570:Malicious IKEv1 Aggressive Mode packets can crash
    libreswan
  • Resolves: rhbz#2187171
    [4.9-2]
  • Fix CVE-2023-23009: remote DoS via crafted TS payload with an
    incorrect selector length (rhbz#2173674)
    [4.9-1]
  • Update to 4.9. Resolves: rhbz#2128669
  • Switch to using %autopatch as in Fedora