[El-errata] ELBA-2019-3058 Oracle Linux 7 libreswan bug fix update (aarch64)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Oct 16 20:39:00 PDT 2019
Oracle Linux Bug Fix Advisory ELBA-2019-3058
http://linux.oracle.com/errata/ELBA-2019-3058.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
libreswan-3.25-8.1.0.1.el7_7.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libreswan-3.25-8.1.0.1.el7_7.src.rpm
Description of changes:
[3.25-8.1.0.1]
- add libreswan-oracle.patch to detect Oracle Linux distro
[3.25-8.1]
- Resolves: rhbz#1746052 libreswan: XFRM policy for OE/32 peer is
deleted when shunts for previous half-open state expire [rhel-7.7.z]
[3.25-8]
- Resolves: rhbz#1686991 IKEv1 traffic interruption when responder
deletes SAs 60 seconds before EVENT_SA_REPLACE
[3.25-7]
- Resolves: rhbz#1673105 Opportunistic IPsec instances of /32 groups or
auto=start that receive delete won't restart
[3.25-6]
- Resolves: rhbz#1630355 Libreswan crash upon receiving ISAKMP_NEXT_D
with appended ISAKMP_NEXT_N [updated]
- Resolves: rhbz#1679735 libreswan using NSS IPsec profiles regresses
when critical flags are set causing validation failure
[3.25-5]
- Resolves: rhbz#1639404 Unable to verify certificate with non-empty
Extended Key Usage which does not include serverAuth or clientAuth
- Resolves: rhbz#1630355 Libreswan crash upon receiving ISAKMP_NEXT_D
with appended ISAKMP_NEXT_N
- Resolves: rhbz#1629902 libreswan assertion failed when
OAKLEY_KEY_LENGTH is zero for IKE using AES_CBC
- Resolves: rhbz#1623279 [abrt] [faf] libreswan: strncpy():
/usr/libexec/ipsec/pluto killed by 11
- Resolves: rhbz#1625303 config: recursive include check doesn't work
- Resolves: rhbz#1664521 libreswan 3.25 in FIPS mode is incorrectly
rejecting X.509 public keys that are >= 3072 bits
More information about the El-errata
mailing list