[El-errata] ELSA-2015-1979 Moderate: Oracle Linux 7 libreswan security and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Nov 3 14:57:21 PST 2015
Oracle Linux Security Advisory ELSA-2015-1979
http://linux.oracle.com/errata/ELSA-2015-1979.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
libreswan-3.15-5.0.1.el7_1.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libreswan-3.15-5.0.1.el7_1.src.rpm
Description of changes:
[3.15-5.0.1]
- add libreswan-oracle.patch to detect Oracle Linux distro
[3.15-5]
- Resolves: rhbz#1273719 libreswan FIPS test mistakenly looks for
non-existent file hashes
[3.15-4]
- Resolves: rhbz#1268775 libreswan should support strictcrlpolicy alias
- Resolves: rhbz#1268776 Pluto crashes after stop when I use floating ip
address
- Resolves: rhbz#1268773 Pluto crashes on INITIATOR site during 'service
ipsec stop'
- Resolves: rhbz#1208022 libreswan ignores module blacklist rules
- Resolves: rhbz#1270673 ipsec does not work properly on loopback
[3.15-2]
- Resolves: rhbz#1259208 CVE-2015-3240
- Merge rhel6 and rhel7 spec into one
- Be lenient for racoon padding behaviour
- Fix seedev option to /dev/random
- Some IKEv1 PAM methods always gave 'Permission denied'
- Parser workarounds for differences in gcc/flex/bison on rhel6/rhel7
- Parser fix to allow specifying time without unit (openswan compat)
- Fix Labeled IPsec on rekeyed IPsec SA's
- Workaround for wrong padding by racoon2
- Disable NSS HW GCM to workaround rhel6 xen builers bug
More information about the El-errata
mailing list