libreswan-4.9-2.el8.2

エラータID: AXSA:2023-6138:07

Release date: 
Tuesday, June 27, 2023 - 06:46
Subject: 
libreswan-4.9-2.el8.2
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).

Security Fix(es):

* libreswan: remote DoS via crafted TS payload with an incorrect selector length (CVE-2023-23009)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* authby=rsasig fails in FIPS policy (BZ#2187647)

CVE-2023-23009
Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.

Solution: 

Update packages.

CVEs: 
CVE-2023-23009
Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.
Additional Info: 

N/A

Download: 

SRPMS
  1. libreswan-4.9-2.el8.2.src.rpm
    MD5: ddfd82e5d69241741bf0b67538797cdf
    SHA-256: 0735bc1238c33e3395e6c9ae39b5bab06a8ee67004285ac1df7b58b57fb4200c
    Size: 12.54 MB

Asianux Server 8 for x86_64
  1. libreswan-4.9-2.el8.2.x86_64.rpm
    MD5: aa7d4e53c501a0e03c319fc17ef72305
    SHA-256: 45a612aadc398b9e329b8764166f782a5a9ebb56bdd5303d05f984f897c3cde9
    Size: 1.37 MB