Oracle Linux Security Advisory ELSA-2024-2033

http://linux.oracle.com/errata/ELSA-2024-2033.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libreswan-4.12-1.0.1.el9_3.1.x86_64.rpm

aarch64:
libreswan-4.12-1.0.1.el9_3.1.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//libreswan-4.12-1.0.1.el9_3.1.src.rpm

Related CVEs:

CVE-2024-2357




Description of changes:

[4.12-1.0.1.1]
- Add libreswan-oracle.patch to detect Oracle Linux distro

[4.12-1.1]
- Fix CVE-2024-2357 (RHEL-29734)
- x509: unpack IPv6 general names based on length (RHEL-32719)

[4.12-1]
- Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712
- Resolves: rhbz#2215956

[4.9-5]
- Just bumping up the version to include bugs for CVE-2023-2295. There is no
  code fix for it. Fix for it is including the code fix for CVE-2023-30570.
- Fix CVE-2023-2295 Regression of CVE-2023-30570 fixes in the
  Red Hat Enterprise Linux
- Resolves: rhbz#2189777, rhbz#2190148

[4.9-4]
- Just bumping up the version as an incorrect 9.3 build was created.
- Related: rhbz#2187171

[4.9-3]
- Fix CVE-2023-30570:Malicious IKEv1 Aggressive Mode packets can crash
  libreswan
- Resolves: rhbz#2187171

[4.9-2]
- Fix CVE-2023-23009: remote DoS via crafted TS payload with an
  incorrect selector length (rhbz#2173674)

[4.9-1]
- Update to 4.9. Resolves: rhbz#2128669
- Switch to using %autopatch as in Fedora


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata