Oracle Linux 6134 Published by

A libreswan security and bug fix update has been released for Oracle Linux 8.



El-errata: ELSA-2023-3095 Moderate: Oracle Linux 8 libreswan security and bug fix update


Oracle Linux Security Advisory ELSA-2023-3095

  http://linux.oracle.com/errata/ELSA-2023-3095.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
libreswan-4.9-2.0.1.el8_8.2.x86_64.rpm

aarch64:
libreswan-4.9-2.0.1.el8_8.2.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol8/SRPMS-updates//libreswan-4.9-2.0.1.el8_8.2.src.rpm

Related CVEs:

CVE-2023-23009



Description of changes:

[4.9-2.0.1.2]
- Add libreswan-oracle.patch to detect Oracle Linux distro

[4.9-2.2]
- Update libreswan-4.9-2176248-authby-rsasig.patch

[4.9-2.1]
- Resolves: rhbz#2187647 authby=rsasig fails in FIPS policy

[4.9-2]
- Fix CVE-2023-23009: remote DoS via crafted TS payload with an
incorrect selector length (rhbz#2186127)

_______________________________________________