Red Hat Product Errata RHBA-2018:0932 - Bug Fix Advisory

Issued:: 2018-04-10
Updated:: 2018-04-10

RHBA-2018:0932 - Bug Fix Advisory

Overview
Updated Packages

Synopsis

libreswan bug fix and enhancement update

Type/Severity

Bug Fix Advisory

Topic

An update for libreswan is now available for Red Hat Enterprise Linux 7.

Description

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.

Users of libreswan are advised to upgrade to these updated packages.

Solution

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
Red Hat Enterprise Linux Server - AUS 7.7 x86_64
Red Hat Enterprise Linux Server - AUS 7.6 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
Red Hat Enterprise Linux Server - TUS 7.7 x86_64
Red Hat Enterprise Linux Server - TUS 7.6 x86_64
Red Hat Enterprise Linux for ARM 64 7 aarch64
Red Hat Enterprise Linux for Power 9 7 ppc64le
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

BZ - 1136076 - After IKE rekeying Pluto sends DPD even if there is active SA
BZ - 1300759 - Implement RFC-7427 Digital Signature authentication.
BZ - 1300763 - Implement draft-ietf-ipsecme-split-dns for libreswan
BZ - 1324421 - libreswan works not well when setting leftid field to be email address
BZ - 1375750 - SECCOMP support for libreswan
BZ - 1375776 - [IKEv2 Conformance] Test IKEv2.EN.R.1.2.2.1: Receipt of retransmitted CREATE_CHILD_SA reques failed
BZ - 1457904 - rebase libreswan to 3.23
BZ - 1471553 - libreswan postquantum preshared key (PPK) support
BZ - 1471763 - RFE: libreswan MOBIKE support (RFC-4555)
BZ - 1492501 - Reboot or 'systemctl stop ipsec' brings down _ethernet_ interfaces on _both_ ends of ipv4 ipsec tunnel !!!

CVEs

(none)

References

https://access.redhat.com/documentation/en-US/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
x86_64
libreswan-3.23-3.el7.x86_64.rpm	SHA-256: 7e2926660b7b2d8b086316fd96a1dc35106e1661ebec4440bb53b7bf2c910955
libreswan-debuginfo-3.23-3.el7.x86_64.rpm	SHA-256: 89aa33999fafe66cbc6a5648f22326f652f1c5f43c1518ca5330c1663a637fcc

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
x86_64
libreswan-3.23-3.el7.x86_64.rpm	SHA-256: 7e2926660b7b2d8b086316fd96a1dc35106e1661ebec4440bb53b7bf2c910955
libreswan-debuginfo-3.23-3.el7.x86_64.rpm	SHA-256: 89aa33999fafe66cbc6a5648f22326f652f1c5f43c1518ca5330c1663a637fcc

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
x86_64
libreswan-3.23-3.el7.x86_64.rpm	SHA-256: 7e2926660b7b2d8b086316fd96a1dc35106e1661ebec4440bb53b7bf2c910955
libreswan-debuginfo-3.23-3.el7.x86_64.rpm	SHA-256: 89aa33999fafe66cbc6a5648f22326f652f1c5f43c1518ca5330c1663a637fcc

Red Hat Enterprise Linux Server - AUS 7.7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
x86_64
libreswan-3.23-3.el7.x86_64.rpm	SHA-256: 7e2926660b7b2d8b086316fd96a1dc35106e1661ebec4440bb53b7bf2c910955
libreswan-debuginfo-3.23-3.el7.x86_64.rpm	SHA-256: 89aa33999fafe66cbc6a5648f22326f652f1c5f43c1518ca5330c1663a637fcc

Red Hat Enterprise Linux Server - AUS 7.6

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
x86_64
libreswan-3.23-3.el7.x86_64.rpm	SHA-256: 7e2926660b7b2d8b086316fd96a1dc35106e1661ebec4440bb53b7bf2c910955
libreswan-debuginfo-3.23-3.el7.x86_64.rpm	SHA-256: 89aa33999fafe66cbc6a5648f22326f652f1c5f43c1518ca5330c1663a637fcc

Red Hat Enterprise Linux Workstation 7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
x86_64
libreswan-3.23-3.el7.x86_64.rpm	SHA-256: 7e2926660b7b2d8b086316fd96a1dc35106e1661ebec4440bb53b7bf2c910955
libreswan-debuginfo-3.23-3.el7.x86_64.rpm	SHA-256: 89aa33999fafe66cbc6a5648f22326f652f1c5f43c1518ca5330c1663a637fcc

Red Hat Enterprise Linux Desktop 7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
x86_64
libreswan-3.23-3.el7.x86_64.rpm	SHA-256: 7e2926660b7b2d8b086316fd96a1dc35106e1661ebec4440bb53b7bf2c910955
libreswan-debuginfo-3.23-3.el7.x86_64.rpm	SHA-256: 89aa33999fafe66cbc6a5648f22326f652f1c5f43c1518ca5330c1663a637fcc

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
s390x
libreswan-3.23-3.el7.s390x.rpm	SHA-256: 33dc09c4d2cbcc9914a3d26852100a29b6bd4e1a98277625a6ae6ba1e71718bd
libreswan-debuginfo-3.23-3.el7.s390x.rpm	SHA-256: e74f22e29efaa44b1c5f570ab0ee1c52e9337d684094f9a18824c122914bc50a

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
s390x
libreswan-3.23-3.el7.s390x.rpm	SHA-256: 33dc09c4d2cbcc9914a3d26852100a29b6bd4e1a98277625a6ae6ba1e71718bd
libreswan-debuginfo-3.23-3.el7.s390x.rpm	SHA-256: e74f22e29efaa44b1c5f570ab0ee1c52e9337d684094f9a18824c122914bc50a

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
s390x
libreswan-3.23-3.el7.s390x.rpm	SHA-256: 33dc09c4d2cbcc9914a3d26852100a29b6bd4e1a98277625a6ae6ba1e71718bd
libreswan-debuginfo-3.23-3.el7.s390x.rpm	SHA-256: e74f22e29efaa44b1c5f570ab0ee1c52e9337d684094f9a18824c122914bc50a

Red Hat Enterprise Linux for Power, big endian 7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
ppc64
libreswan-3.23-3.el7.ppc64.rpm	SHA-256: fbbf1994f7b8c45c3c4cb907bf656ab885938f443cf7164ba726788779f2a46d
libreswan-debuginfo-3.23-3.el7.ppc64.rpm	SHA-256: 0eb6fff7c67c6fd6849c24c6b9c46e06ca74aad59e193c6b4f7176fc8ac396ce

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
ppc64
libreswan-3.23-3.el7.ppc64.rpm	SHA-256: fbbf1994f7b8c45c3c4cb907bf656ab885938f443cf7164ba726788779f2a46d
libreswan-debuginfo-3.23-3.el7.ppc64.rpm	SHA-256: 0eb6fff7c67c6fd6849c24c6b9c46e06ca74aad59e193c6b4f7176fc8ac396ce

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
ppc64
libreswan-3.23-3.el7.ppc64.rpm	SHA-256: fbbf1994f7b8c45c3c4cb907bf656ab885938f443cf7164ba726788779f2a46d
libreswan-debuginfo-3.23-3.el7.ppc64.rpm	SHA-256: 0eb6fff7c67c6fd6849c24c6b9c46e06ca74aad59e193c6b4f7176fc8ac396ce

Red Hat Enterprise Linux for Power, little endian 7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
ppc64le
libreswan-3.23-3.el7.ppc64le.rpm	SHA-256: 4497ca9a50d1651eccbac0a32c6cd326c05f1ffb79d2594ffc9e572e11bc8c13
libreswan-debuginfo-3.23-3.el7.ppc64le.rpm	SHA-256: 750eba5a45b868b0d82405e70d56d72b3c99fc3cb729236be2998518ac82eddc

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
ppc64le
libreswan-3.23-3.el7.ppc64le.rpm	SHA-256: 4497ca9a50d1651eccbac0a32c6cd326c05f1ffb79d2594ffc9e572e11bc8c13
libreswan-debuginfo-3.23-3.el7.ppc64le.rpm	SHA-256: 750eba5a45b868b0d82405e70d56d72b3c99fc3cb729236be2998518ac82eddc

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
ppc64le
libreswan-3.23-3.el7.ppc64le.rpm	SHA-256: 4497ca9a50d1651eccbac0a32c6cd326c05f1ffb79d2594ffc9e572e11bc8c13
libreswan-debuginfo-3.23-3.el7.ppc64le.rpm	SHA-256: 750eba5a45b868b0d82405e70d56d72b3c99fc3cb729236be2998518ac82eddc

Red Hat Enterprise Linux Server - TUS 7.7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
x86_64
libreswan-3.23-3.el7.x86_64.rpm	SHA-256: 7e2926660b7b2d8b086316fd96a1dc35106e1661ebec4440bb53b7bf2c910955
libreswan-debuginfo-3.23-3.el7.x86_64.rpm	SHA-256: 89aa33999fafe66cbc6a5648f22326f652f1c5f43c1518ca5330c1663a637fcc

Red Hat Enterprise Linux Server - TUS 7.6

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
x86_64
libreswan-3.23-3.el7.x86_64.rpm	SHA-256: 7e2926660b7b2d8b086316fd96a1dc35106e1661ebec4440bb53b7bf2c910955
libreswan-debuginfo-3.23-3.el7.x86_64.rpm	SHA-256: 89aa33999fafe66cbc6a5648f22326f652f1c5f43c1518ca5330c1663a637fcc

Red Hat Enterprise Linux for ARM 64 7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
aarch64
libreswan-3.23-3.el7.aarch64.rpm	SHA-256: 0146e5adcd42d57ac41cf6be84b85097892aed9eb77d0c83d272dbf229dc7b28
libreswan-3.23-3.el7.aarch64.rpm	SHA-256: 0146e5adcd42d57ac41cf6be84b85097892aed9eb77d0c83d272dbf229dc7b28
libreswan-3.23-3.el7.aarch64.rpm	SHA-256: 0146e5adcd42d57ac41cf6be84b85097892aed9eb77d0c83d272dbf229dc7b28
libreswan-debuginfo-3.23-3.el7.aarch64.rpm	SHA-256: f22be19f4487999fbacbc665ca8f39b3be12a00a230891f29486c95e5c91e1f2
libreswan-debuginfo-3.23-3.el7.aarch64.rpm	SHA-256: f22be19f4487999fbacbc665ca8f39b3be12a00a230891f29486c95e5c91e1f2
libreswan-debuginfo-3.23-3.el7.aarch64.rpm	SHA-256: f22be19f4487999fbacbc665ca8f39b3be12a00a230891f29486c95e5c91e1f2

Red Hat Enterprise Linux for Power 9 7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
ppc64le
libreswan-3.23-3.el7.ppc64le.rpm	SHA-256: 4497ca9a50d1651eccbac0a32c6cd326c05f1ffb79d2594ffc9e572e11bc8c13
libreswan-3.23-3.el7.ppc64le.rpm	SHA-256: 4497ca9a50d1651eccbac0a32c6cd326c05f1ffb79d2594ffc9e572e11bc8c13
libreswan-3.23-3.el7.ppc64le.rpm	SHA-256: 4497ca9a50d1651eccbac0a32c6cd326c05f1ffb79d2594ffc9e572e11bc8c13
libreswan-debuginfo-3.23-3.el7.ppc64le.rpm	SHA-256: 750eba5a45b868b0d82405e70d56d72b3c99fc3cb729236be2998518ac82eddc
libreswan-debuginfo-3.23-3.el7.ppc64le.rpm	SHA-256: 750eba5a45b868b0d82405e70d56d72b3c99fc3cb729236be2998518ac82eddc
libreswan-debuginfo-3.23-3.el7.ppc64le.rpm	SHA-256: 750eba5a45b868b0d82405e70d56d72b3c99fc3cb729236be2998518ac82eddc

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
ppc64le
libreswan-3.23-3.el7.ppc64le.rpm	SHA-256: 4497ca9a50d1651eccbac0a32c6cd326c05f1ffb79d2594ffc9e572e11bc8c13
libreswan-debuginfo-3.23-3.el7.ppc64le.rpm	SHA-256: 750eba5a45b868b0d82405e70d56d72b3c99fc3cb729236be2998518ac82eddc

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
ppc64le
libreswan-3.23-3.el7.ppc64le.rpm	SHA-256: 4497ca9a50d1651eccbac0a32c6cd326c05f1ffb79d2594ffc9e572e11bc8c13
libreswan-debuginfo-3.23-3.el7.ppc64le.rpm	SHA-256: 750eba5a45b868b0d82405e70d56d72b3c99fc3cb729236be2998518ac82eddc

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
x86_64
libreswan-3.23-3.el7.x86_64.rpm	SHA-256: 7e2926660b7b2d8b086316fd96a1dc35106e1661ebec4440bb53b7bf2c910955
libreswan-debuginfo-3.23-3.el7.x86_64.rpm	SHA-256: 89aa33999fafe66cbc6a5648f22326f652f1c5f43c1518ca5330c1663a637fcc

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
x86_64
libreswan-3.23-3.el7.x86_64.rpm	SHA-256: 7e2926660b7b2d8b086316fd96a1dc35106e1661ebec4440bb53b7bf2c910955
libreswan-debuginfo-3.23-3.el7.x86_64.rpm	SHA-256: 89aa33999fafe66cbc6a5648f22326f652f1c5f43c1518ca5330c1663a637fcc

Red Hat Enterprise Linux for IBM System z (Structure A) 7

SRPM
libreswan-3.23-3.el7.src.rpm	SHA-256: 4ab3b389a1abfc2fe22389e968e9f956931c8b84c795c82855d47bcee7e974d1
s390x
libreswan-3.23-3.el7.s390x.rpm	SHA-256: 33dc09c4d2cbcc9914a3d26852100a29b6bd4e1a98277625a6ae6ba1e71718bd
libreswan-3.23-3.el7.s390x.rpm	SHA-256: 33dc09c4d2cbcc9914a3d26852100a29b6bd4e1a98277625a6ae6ba1e71718bd
libreswan-3.23-3.el7.s390x.rpm	SHA-256: 33dc09c4d2cbcc9914a3d26852100a29b6bd4e1a98277625a6ae6ba1e71718bd
libreswan-debuginfo-3.23-3.el7.s390x.rpm	SHA-256: e74f22e29efaa44b1c5f570ab0ee1c52e9337d684094f9a18824c122914bc50a
libreswan-debuginfo-3.23-3.el7.s390x.rpm	SHA-256: e74f22e29efaa44b1c5f570ab0ee1c52e9337d684094f9a18824c122914bc50a
libreswan-debuginfo-3.23-3.el7.s390x.rpm	SHA-256: e74f22e29efaa44b1c5f570ab0ee1c52e9337d684094f9a18824c122914bc50a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.