[El-errata] ELBA-2019-3058 Oracle Linux 7 libreswan bug fix update (aarch64)

[Errata Announcements for Oracle Linux]

Oracle Linux Bug Fix Advisory ELBA-2019-3058

http://linux.oracle.com/errata/ELBA-2019-3058.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

aarch64:
libreswan-3.25-8.1.0.1.el7_7.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libreswan-3.25-8.1.0.1.el7_7.src.rpm



Description of changes:

[3.25-8.1.0.1]
- add libreswan-oracle.patch to detect Oracle Linux distro

[3.25-8.1]
- Resolves: rhbz#1746052 libreswan: XFRM policy for OE/32 peer is 
deleted when shunts for previous half-open state expire [rhel-7.7.z]

[3.25-8]
- Resolves: rhbz#1686991 IKEv1 traffic interruption when responder 
deletes SAs 60 seconds before EVENT_SA_REPLACE

[3.25-7]
- Resolves: rhbz#1673105 Opportunistic IPsec instances of /32 groups or 
auto=start that receive delete won't restart

[3.25-6]
- Resolves: rhbz#1630355 Libreswan crash upon receiving ISAKMP_NEXT_D 
with appended ISAKMP_NEXT_N [updated]
- Resolves: rhbz#1679735 libreswan using NSS IPsec profiles regresses 
when critical flags are set causing validation failure

[3.25-5]
- Resolves: rhbz#1639404 Unable to verify certificate with non-empty 
Extended Key Usage which does not include serverAuth or clientAuth
- Resolves: rhbz#1630355 Libreswan crash upon receiving ISAKMP_NEXT_D 
with appended ISAKMP_NEXT_N
- Resolves: rhbz#1629902 libreswan assertion failed when 
OAKLEY_KEY_LENGTH is zero for IKE using AES_CBC
- Resolves: rhbz#1623279 [abrt] [faf] libreswan: strncpy(): 
/usr/libexec/ipsec/pluto killed by 11
- Resolves: rhbz#1625303 config: recursive include check doesn't work
- Resolves: rhbz#1664521 libreswan 3.25 in FIPS mode is incorrectly 
rejecting X.509 public keys that are >= 3072 bits