AlmaLinux 2324 Published by

A libreswan security and bug fix update has been released for AlmaLinux 8.



ALSA-2023:3095 Moderate: libreswan security and bug fix update


Type:
security

Severity:
moderate

Release date:
2023-05-19

Description
Security Fix(es):
* libreswan: remote DoS via crafted TS payload with an incorrect selector length (CVE-2023-23009)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* authby=rsasig fails in FIPS policy (BZ#2187647)

References:
RHSA-2023:3095
CVE-2023-23009
ALSA-2023:3095

Updates packages:
libreswan-4.9-2.el8_8.2.x86_64.rpm
libreswan-4.9-2.el8_8.2.s390x.rpm
libreswan-4.9-2.el8_8.2.aarch64.rpm
libreswan-4.9-2.el8_8.2.ppc64le.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2023:3095 Moderate: libreswan security and bug fix update