ELSA-2024-2033 -- Oracle libreswanID: oval:org.secpod.oval:def:1507492 | Date: (C)2024-05-09 (M)2024-05-09 |
Class: PATCH | Family: unix |
[4.12-1.0.1.1] - Add libreswan-oracle.patch to detect Oracle Linux distro [4.12-1.1] - Fix CVE-2024-2357 - x509: unpack IPv6 general names based on length [4.12-1] - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Resolves: rhbz#2215956 [4.9-5] - Just bumping up the version to include bugs for CVE-2023-2295. There is no code fix for it. Fix for it is including the code fix for CVE-2023-30570. - Fix CVE-2023-2295 Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux - Resolves: rhbz#2189777, rhbz#2190148 [4.9-4] - Just bumping up the version as an incorrect 9.3 build was created. - Related: rhbz#2187171 [4.9-3] - Fix CVE-2023-30570:Malicious IKEv1 Aggressive Mode packets can crash libreswan - Resolves: rhbz#2187171 [4.9-2] - Fix CVE-2023-23009: remote DoS via crafted TS payload with an incorrect selector length [4.9-1] - Update to 4.9. Resolves: rhbz#2128669 - Switch to using %autopatch as in Fedora