Red Hat Product Errata RHBA-2011:0388 - Bug Fix Advisory
Issued:
2011-03-28
Updated:
2011-03-28

RHBA-2011:0388 - Bug Fix Advisory

Synopsis

openswan bug fix update

Type/Severity

Bug Fix Advisory

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated openswan packages that fix a bug are now available for Red Hat
Enterprise Linux 5 Extended Update Support.

Description

Openswan is a free implementation of Internet Protocol Security (IPsec) and
Internet Key Exchange (IKE). IPsec uses strong cryptography to provide both
authentication and encryption services. These services allow you to build secure
tunnels through untrusted networks.

This update fixes the following bug:

  • Due to an error in a buffer initialization, the following message may have

been written to the /var/log/secure log file during the IKE negotiation:

size ([size]) differs from size specified in ISAKMP HDR ([size])

Consequently, the establishment of secure connections could be significantly
delayed. This update applies an upstream patch that resolves this issue, and the
establishment of IPsec connections is is no longer delayed. (BZ#680044)

All users of openswan are advised to upgrade to these updated packages, which
resolve this issue.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.6 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.6 i386
  • Red Hat Enterprise Linux Server - AUS 5.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 5.6 ia64
  • Red Hat Enterprise Linux Server - AUS 5.6 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.6 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.6 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386
  • Red Hat Enterprise Linux Server - Extended Update Support from RHUI 5.6 x86_64
  • Red Hat Enterprise Linux Server - Extended Update Support from RHUI 5.6 i386

Fixes

  • BZ - 680044 - 2 tunnels (IPv4 and IPv6) do not work together using certs/keys

CVEs

(none)

References

(none)

Red Hat Enterprise Linux Server 5

SRPM
openswan-2.6.21-5.el5_6.4.src.rpm SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
x86_64
openswan-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: 02267547da93d6ce9763418389ffce3cc2530861d22d143de221fdf1ecdce288
openswan-doc-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: be2232ebf06007a0ac2c7f8fe6675026d4a5e12abb133fde9014c7be967bf64d
ia64
openswan-2.6.21-5.el5_6.4.ia64.rpm SHA-256: c22230df45451fdbcb4ae9728c13b92571800c3a4981ded245ebe531ca63f02a
openswan-doc-2.6.21-5.el5_6.4.ia64.rpm SHA-256: 941b5146255f80c2dd7c7c1a3ae83f1a6d004ebe2d5f44c1140a07e99cda98dc
i386
openswan-2.6.21-5.el5_6.4.i386.rpm SHA-256: f1ce0f970f400ec13dc8160ef4bdaa28da489146f2d8d9e8f586258724b62b91
openswan-doc-2.6.21-5.el5_6.4.i386.rpm SHA-256: 1029a79e0ce9f3c238175e6b4287361f5d45e265c3ddcab07aef0013f38c10fd

Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.6

SRPM
openswan-2.6.21-5.el5_6.4.src.rpm SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
x86_64
openswan-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: 02267547da93d6ce9763418389ffce3cc2530861d22d143de221fdf1ecdce288
openswan-doc-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: be2232ebf06007a0ac2c7f8fe6675026d4a5e12abb133fde9014c7be967bf64d
ia64
openswan-2.6.21-5.el5_6.4.ia64.rpm SHA-256: c22230df45451fdbcb4ae9728c13b92571800c3a4981ded245ebe531ca63f02a
openswan-doc-2.6.21-5.el5_6.4.ia64.rpm SHA-256: 941b5146255f80c2dd7c7c1a3ae83f1a6d004ebe2d5f44c1140a07e99cda98dc
i386
openswan-2.6.21-5.el5_6.4.i386.rpm SHA-256: f1ce0f970f400ec13dc8160ef4bdaa28da489146f2d8d9e8f586258724b62b91
openswan-doc-2.6.21-5.el5_6.4.i386.rpm SHA-256: 1029a79e0ce9f3c238175e6b4287361f5d45e265c3ddcab07aef0013f38c10fd

Red Hat Enterprise Linux Server - AUS 5.6

SRPM
openswan-2.6.21-5.el5_6.4.src.rpm SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
x86_64
openswan-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: 02267547da93d6ce9763418389ffce3cc2530861d22d143de221fdf1ecdce288
openswan-doc-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: be2232ebf06007a0ac2c7f8fe6675026d4a5e12abb133fde9014c7be967bf64d
ia64
openswan-2.6.21-5.el5_6.4.ia64.rpm SHA-256: c22230df45451fdbcb4ae9728c13b92571800c3a4981ded245ebe531ca63f02a
openswan-doc-2.6.21-5.el5_6.4.ia64.rpm SHA-256: 941b5146255f80c2dd7c7c1a3ae83f1a6d004ebe2d5f44c1140a07e99cda98dc
i386
openswan-2.6.21-5.el5_6.4.i386.rpm SHA-256: f1ce0f970f400ec13dc8160ef4bdaa28da489146f2d8d9e8f586258724b62b91
openswan-doc-2.6.21-5.el5_6.4.i386.rpm SHA-256: 1029a79e0ce9f3c238175e6b4287361f5d45e265c3ddcab07aef0013f38c10fd

Red Hat Enterprise Linux Workstation 5

SRPM
openswan-2.6.21-5.el5_6.4.src.rpm SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
x86_64
openswan-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: 02267547da93d6ce9763418389ffce3cc2530861d22d143de221fdf1ecdce288
openswan-doc-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: be2232ebf06007a0ac2c7f8fe6675026d4a5e12abb133fde9014c7be967bf64d
i386
openswan-2.6.21-5.el5_6.4.i386.rpm SHA-256: f1ce0f970f400ec13dc8160ef4bdaa28da489146f2d8d9e8f586258724b62b91
openswan-doc-2.6.21-5.el5_6.4.i386.rpm SHA-256: 1029a79e0ce9f3c238175e6b4287361f5d45e265c3ddcab07aef0013f38c10fd

Red Hat Enterprise Linux Desktop 5

SRPM
openswan-2.6.21-5.el5_6.4.src.rpm SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
x86_64
openswan-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: 02267547da93d6ce9763418389ffce3cc2530861d22d143de221fdf1ecdce288
openswan-doc-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: be2232ebf06007a0ac2c7f8fe6675026d4a5e12abb133fde9014c7be967bf64d
i386
openswan-2.6.21-5.el5_6.4.i386.rpm SHA-256: f1ce0f970f400ec13dc8160ef4bdaa28da489146f2d8d9e8f586258724b62b91
openswan-doc-2.6.21-5.el5_6.4.i386.rpm SHA-256: 1029a79e0ce9f3c238175e6b4287361f5d45e265c3ddcab07aef0013f38c10fd

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
openswan-2.6.21-5.el5_6.4.src.rpm SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
s390x
openswan-2.6.21-5.el5_6.4.s390x.rpm SHA-256: eee9cb908cf305e4de18fd5c10ac4d368b078e5659dd8256fa9f279e83eceb1a
openswan-doc-2.6.21-5.el5_6.4.s390x.rpm SHA-256: 86257fc3547f56c6b45543c74e4bf119b1036e8723e470eeaaf898c07608b201

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.6

SRPM
openswan-2.6.21-5.el5_6.4.src.rpm SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
s390x
openswan-2.6.21-5.el5_6.4.s390x.rpm SHA-256: eee9cb908cf305e4de18fd5c10ac4d368b078e5659dd8256fa9f279e83eceb1a
openswan-doc-2.6.21-5.el5_6.4.s390x.rpm SHA-256: 86257fc3547f56c6b45543c74e4bf119b1036e8723e470eeaaf898c07608b201

Red Hat Enterprise Linux for Power, big endian 5

SRPM
openswan-2.6.21-5.el5_6.4.src.rpm SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
ppc
openswan-2.6.21-5.el5_6.4.ppc.rpm SHA-256: e4798ec110548bb0be0abce05740898b26d1d8099cad1dcfbe824c1b5dcd974b
openswan-doc-2.6.21-5.el5_6.4.ppc.rpm SHA-256: 60a75fc71e6ed1fc4aab7a40d90aa0a02e22675fc0e1c3b6faf95de040a636e0

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.6

SRPM
openswan-2.6.21-5.el5_6.4.src.rpm SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
ppc
openswan-2.6.21-5.el5_6.4.ppc.rpm SHA-256: e4798ec110548bb0be0abce05740898b26d1d8099cad1dcfbe824c1b5dcd974b
openswan-doc-2.6.21-5.el5_6.4.ppc.rpm SHA-256: 60a75fc71e6ed1fc4aab7a40d90aa0a02e22675fc0e1c3b6faf95de040a636e0

Red Hat Enterprise Linux Server from RHUI 5

SRPM
openswan-2.6.21-5.el5_6.4.src.rpm SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
x86_64
openswan-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: 02267547da93d6ce9763418389ffce3cc2530861d22d143de221fdf1ecdce288
openswan-doc-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: be2232ebf06007a0ac2c7f8fe6675026d4a5e12abb133fde9014c7be967bf64d
i386
openswan-2.6.21-5.el5_6.4.i386.rpm SHA-256: f1ce0f970f400ec13dc8160ef4bdaa28da489146f2d8d9e8f586258724b62b91
openswan-doc-2.6.21-5.el5_6.4.i386.rpm SHA-256: 1029a79e0ce9f3c238175e6b4287361f5d45e265c3ddcab07aef0013f38c10fd

Red Hat Enterprise Linux Server - Extended Update Support from RHUI 5.6

SRPM
openswan-2.6.21-5.el5_6.4.src.rpm SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
x86_64
openswan-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: 02267547da93d6ce9763418389ffce3cc2530861d22d143de221fdf1ecdce288
openswan-doc-2.6.21-5.el5_6.4.x86_64.rpm SHA-256: be2232ebf06007a0ac2c7f8fe6675026d4a5e12abb133fde9014c7be967bf64d
i386
openswan-2.6.21-5.el5_6.4.i386.rpm SHA-256: f1ce0f970f400ec13dc8160ef4bdaa28da489146f2d8d9e8f586258724b62b91
openswan-doc-2.6.21-5.el5_6.4.i386.rpm SHA-256: 1029a79e0ce9f3c238175e6b4287361f5d45e265c3ddcab07aef0013f38c10fd

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.