Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 551
Alerts This Week
Warning Icon 1 551

Fedora 24: Libreswan 3.17 Critical IPsec Denial of Service Patch CVE-2016-3072

fedora
Calendar Grey April 12, 2016
Dist Fedora Esm H88
Libreswan 3.17 on Fedora 24 addresses critical IPsec denial of service vulnerability CVE-2016-3072 effectively.
Updated to 3.17 for CVE-2016-3071

Summary

Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is

the Internet Protocol Security and uses strong cryptography to provide

both authentication and encryption services. These services allow you

to build secure tunnels through untrusted networks. Everything passing

through the untrusted net is encrypted by the ipsec gateway machine and

decrypted by the gateway at the other end of the tunnel. The resulting

tunnel is a virtual private network or VPN.

This package contains the daemons and userland tools for setting up

Libreswan. To build KLIPS, see the kmod-libreswan.spec file.

Libreswan also supports IKEv2 (RFC4309) and Secure Labeling

Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04

Update Information:

Updated to 3.17 for CVE-2016-3071

Change Log

References


[ 1 ] Bug #1323859 - libreswan-3.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1323859

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update libreswan' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libreswan
Product: Fedora 24
Version: 3.17
Release: 1.fc24
Summary: IPsec implementation with IKEv1 and IKEv2 keying protocols

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.