[El-errata] ELSA-2015-1154 Moderate: Oracle Linux 7 libreswan security, bug fix and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Jun 23 12:34:26 PDT 2015


Oracle Linux Security Advisory ELSA-2015-1154

http://linux.oracle.com/errata/ELSA-2015-1154.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
libreswan-3.12-10.1.0.1.el7_1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libreswan-3.12-10.1.0.1.el7_1.src.rpm



Description of changes:

[3.12-10.1.0.1]
- add libreswan-oracle.patch to detect Oracle Linux distro

[3.12-10.1]
- Resolves: rhbz#1226407 CVE-2015-3204 libreswan: crafted IKE packet 
causes daemon restart

[3.12-10]
- Resolves: rhbz#1213652 Support CAVS [updated another prf() free 
symkey, bogus fips mode fix]

[3.12-9]
- Resolves: rhbz#1213652 Support CAVS [updated to kill another copy of 
prf()]
- Resolves: rhbz#1208023 Libreswan with IPv6 [updated patch by Jaroslav 
Aster]
- Resolves: rhbz#1208022 libreswan ignores module blacklist [updated 
modprobe handling]

[3.12-8]
- Resolves: rhbz#1213652 Support CAVS testing of the PRF/PRF+ functions

[3.12-7]
- Resolves: rhbz#1208022 libreswan ignores module blacklist rules
- Resolves: rhbz#1208023 Libreswan with IPv6 in RHEL7 fails after reboot
- Resolves: rhbz#1211146 pluto crashes in fips mode

[3.12-6]
- Resolves: rhbz#1198650 SELinux context string size limit
- Resolves: rhbz#1198649 Add new option for BSI random requirement





More information about the El-errata mailing list