El-errata: ELSA-2023-3095 Moderate: Oracle Linux 8 libreswan security and bug fix update
Oracle Linux Security Advisory ELSA-2023-3095
http://linux.oracle.com/errata/ELSA-2023-3095.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
libreswan-4.9-2.0.1.el8_8.2.x86_64.rpm
aarch64:
libreswan-4.9-2.0.1.el8_8.2.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libreswan-4.9-2.0.1.el8_8.2.src.rpm
Related CVEs:
CVE-2023-23009
Description of changes:
[4.9-2.0.1.2]
- Add libreswan-oracle.patch to detect Oracle Linux distro
[4.9-2.2]
- Update libreswan-4.9-2176248-authby-rsasig.patch
[4.9-2.1]
- Resolves: rhbz#2187647 authby=rsasig fails in FIPS policy
[4.9-2]
- Fix CVE-2023-23009: remote DoS via crafted TS payload with an
incorrect selector length (rhbz#2186127)
_______________________________________________
A libreswan security and bug fix update has been released for Oracle Linux 8.