RHSA-2022:0239: Red Hat Security Advisory: libreswan security update

Skip to navigation Skip to main content

Utilities

• Subscriptions
• Downloads
• Containers
• Support Cases

Infrastructure and Management

• Red Hat Enterprise Linux
• Red Hat Virtualization
• Red Hat Identity Management
• Red Hat Directory Server
• Red Hat Certificate System
• Red Hat Satellite
• Red Hat Subscription Management
• Red Hat Update Infrastructure
• Red Hat Insights
• Red Hat Ansible Automation Platform

Cloud Computing

• Red Hat OpenShift
• Red Hat CloudForms
• Red Hat OpenStack Platform
• Red Hat OpenShift Container Platform
• Red Hat OpenShift Data Science
• Red Hat OpenShift Online
• Red Hat OpenShift Dedicated
• Red Hat Advanced Cluster Security for Kubernetes
• Red Hat Advanced Cluster Management for Kubernetes
• Red Hat Quay
• Red Hat CodeReady Workspaces
• Red Hat OpenShift Service on AWS

Storage

• Red Hat Gluster Storage
• Red Hat Hyperconverged Infrastructure
• Red Hat Ceph Storage
• Red Hat OpenShift Data Foundation

Runtimes

• Red Hat Runtimes
• Red Hat JBoss Enterprise Application Platform
• Red Hat Data Grid
• Red Hat JBoss Web Server
• Red Hat Single Sign On
• Red Hat support for Spring Boot
• Red Hat build of Node.js
• Red Hat build of Thorntail
• Red Hat build of Eclipse Vert.x
• Red Hat build of OpenJDK
• Red Hat build of Quarkus
• Red Hat CodeReady Studio

Integration and Automation

• Red Hat Process Automation
• Red Hat Process Automation Manager
• Red Hat Decision Manager

All Products

Issued:

2022-01-24

Updated:

2022-01-24

RHSA-2022:0239 - Security Advisory

• Overview
• Updated Packages

Synopsis

Important: libreswan security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libreswan is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).

Security Fix(es):

• libreswan: Malicious IKEv1 packet can cause libreswan to restart (CVE-2022-23094)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

• Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
• Red Hat Enterprise Linux Server - AUS 8.4 x86_64
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
• Red Hat Enterprise Linux Server - TUS 8.4 x86_64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
• Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
• Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64

Fixes

• BZ - 2036898 - CVE-2022-23094 libreswan: Malicious IKEv1 packet can cause libreswan to restart

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

SRPM

libreswan-4.3-6.el8_4.src.rpm

SHA-256: dd8a13238e1f4d574c34695f09f10a9525bd57535df9b3cb3312e574d9c502f6

x86_64

libreswan-4.3-6.el8_4.x86_64.rpm

SHA-256: beabbec2a401f427cd9ef55cae163d76b80b44b574ddffc4e3f624cda35d0168

libreswan-debuginfo-4.3-6.el8_4.x86_64.rpm

SHA-256: 7d53ade2e4b489e5cdd858811ca29589ce3a3f3a05d924fa7d4ef57d8fb4f67d

libreswan-debugsource-4.3-6.el8_4.x86_64.rpm

SHA-256: 2666d55e5cac57f357b928c5c13fd5e85b5fc77bf8867507a5a5ccb7fa082323

Red Hat Enterprise Linux Server - AUS 8.4

SRPM

libreswan-4.3-6.el8_4.src.rpm

SHA-256: dd8a13238e1f4d574c34695f09f10a9525bd57535df9b3cb3312e574d9c502f6

x86_64

libreswan-4.3-6.el8_4.x86_64.rpm

SHA-256: beabbec2a401f427cd9ef55cae163d76b80b44b574ddffc4e3f624cda35d0168

libreswan-debuginfo-4.3-6.el8_4.x86_64.rpm

SHA-256: 7d53ade2e4b489e5cdd858811ca29589ce3a3f3a05d924fa7d4ef57d8fb4f67d

libreswan-debugsource-4.3-6.el8_4.x86_64.rpm

SHA-256: 2666d55e5cac57f357b928c5c13fd5e85b5fc77bf8867507a5a5ccb7fa082323

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4

SRPM

libreswan-4.3-6.el8_4.src.rpm

SHA-256: dd8a13238e1f4d574c34695f09f10a9525bd57535df9b3cb3312e574d9c502f6

s390x

libreswan-4.3-6.el8_4.s390x.rpm

SHA-256: ddc9d124ad90d69edd3cf706c0afa084edb140d41923acf1810717c093a03e28

libreswan-debuginfo-4.3-6.el8_4.s390x.rpm

SHA-256: dabf9a3a34ab843f06d008e72b3be61559a5798f9c79e4206aa202e8ab8ae542

libreswan-debugsource-4.3-6.el8_4.s390x.rpm

SHA-256: 817ba7b717355fbdd048ec42fded34b109ca2e018abc752bd799726cb61fd012

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

SRPM

libreswan-4.3-6.el8_4.src.rpm

SHA-256: dd8a13238e1f4d574c34695f09f10a9525bd57535df9b3cb3312e574d9c502f6

ppc64le

libreswan-4.3-6.el8_4.ppc64le.rpm

SHA-256: d4940495f37c34045715804a2c1229468c6ef0edab1584c2c58b9af228a09724

libreswan-debuginfo-4.3-6.el8_4.ppc64le.rpm

SHA-256: 5f75fafcbcb384213e89887ff87257ea557255a31143375bef3a66d7227f5031

libreswan-debugsource-4.3-6.el8_4.ppc64le.rpm

SHA-256: e0a93c0ee608dc567fbce25ed2d2a4d546ccf249bf4a1cf8de0c52215c7d3057

Red Hat Enterprise Linux Server - TUS 8.4

SRPM

libreswan-4.3-6.el8_4.src.rpm

SHA-256: dd8a13238e1f4d574c34695f09f10a9525bd57535df9b3cb3312e574d9c502f6

x86_64

libreswan-4.3-6.el8_4.x86_64.rpm

SHA-256: beabbec2a401f427cd9ef55cae163d76b80b44b574ddffc4e3f624cda35d0168

libreswan-debuginfo-4.3-6.el8_4.x86_64.rpm

SHA-256: 7d53ade2e4b489e5cdd858811ca29589ce3a3f3a05d924fa7d4ef57d8fb4f67d

libreswan-debugsource-4.3-6.el8_4.x86_64.rpm

SHA-256: 2666d55e5cac57f357b928c5c13fd5e85b5fc77bf8867507a5a5ccb7fa082323

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

SRPM

libreswan-4.3-6.el8_4.src.rpm

SHA-256: dd8a13238e1f4d574c34695f09f10a9525bd57535df9b3cb3312e574d9c502f6

aarch64

libreswan-4.3-6.el8_4.aarch64.rpm

SHA-256: 097100d61d2510efe064dbbfec426c82d485e294ff0006d2fc7f0d297f9c720f

libreswan-debuginfo-4.3-6.el8_4.aarch64.rpm

SHA-256: 844efa7080d0c263085efc572cabaa06d064d271320f242011629528520c1bc7

libreswan-debugsource-4.3-6.el8_4.aarch64.rpm

SHA-256: 5673e1e0d9ea679d8a1bb84635ff02e4b9ceaff7d2b560975e7c79d5d3297b92

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4

SRPM

libreswan-4.3-6.el8_4.src.rpm

SHA-256: dd8a13238e1f4d574c34695f09f10a9525bd57535df9b3cb3312e574d9c502f6

ppc64le

libreswan-4.3-6.el8_4.ppc64le.rpm

SHA-256: d4940495f37c34045715804a2c1229468c6ef0edab1584c2c58b9af228a09724

libreswan-debuginfo-4.3-6.el8_4.ppc64le.rpm

SHA-256: 5f75fafcbcb384213e89887ff87257ea557255a31143375bef3a66d7227f5031

libreswan-debugsource-4.3-6.el8_4.ppc64le.rpm

SHA-256: e0a93c0ee608dc567fbce25ed2d2a4d546ccf249bf4a1cf8de0c52215c7d3057

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4

SRPM

libreswan-4.3-6.el8_4.src.rpm

SHA-256: dd8a13238e1f4d574c34695f09f10a9525bd57535df9b3cb3312e574d9c502f6

x86_64

libreswan-4.3-6.el8_4.x86_64.rpm

SHA-256: beabbec2a401f427cd9ef55cae163d76b80b44b574ddffc4e3f624cda35d0168

libreswan-debuginfo-4.3-6.el8_4.x86_64.rpm

SHA-256: 7d53ade2e4b489e5cdd858811ca29589ce3a3f3a05d924fa7d4ef57d8fb4f67d

libreswan-debugsource-4.3-6.el8_4.x86_64.rpm

SHA-256: 2666d55e5cac57f357b928c5c13fd5e85b5fc77bf8867507a5a5ccb7fa082323

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.