Red Hat Product Errata RHBA-2020:3354 - Bug Fix Advisory
Issued:
2020-08-06
Updated:
2020-08-06

RHBA-2020:3354 - Bug Fix Advisory

Synopsis

libreswan bug fix and enhancement update

Type/Severity

Bug Fix Advisory

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libreswan is now available for Red Hat Enterprise Linux 7.

Description

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the
Internet Protocol Security and uses strong cryptography to provide both
authentication and encryption services. These services allow you to build
secure tunnels through untrusted networks such as virtual private network
(VPN).

Bug Fix(es) and Enhancement(s):

  • Backport FIPS keysize fixes from RHEL8 (BZ#1854325)

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le

Fixes

  • BZ - 1854325 - Backport FIPS keysize fixes from RHEL8 [rhel-7.8.z]

CVEs

(none)

References

(none)

Red Hat Enterprise Linux Server 7

SRPM
libreswan-3.25-9.1.el7_8.src.rpm SHA-256: fb4329cfa7fa4d83963b2ef0f2cd32b0940b9461a3a0994a5795b673e5e79019
x86_64
libreswan-3.25-9.1.el7_8.x86_64.rpm SHA-256: 7bddf8296cde3bcf96daf1c6046263bd412bead0846efb7dc460b57481a077be
libreswan-debuginfo-3.25-9.1.el7_8.x86_64.rpm SHA-256: d272027efa0a12b5bcf73829d5e061c9be05db3139285f43a4289372739d02cd

Red Hat Enterprise Linux Server - Extended Life Cycle Support 7

SRPM
libreswan-3.25-9.1.el7_8.src.rpm SHA-256: fb4329cfa7fa4d83963b2ef0f2cd32b0940b9461a3a0994a5795b673e5e79019
x86_64
libreswan-3.25-9.1.el7_8.x86_64.rpm SHA-256: 7bddf8296cde3bcf96daf1c6046263bd412bead0846efb7dc460b57481a077be
libreswan-debuginfo-3.25-9.1.el7_8.x86_64.rpm SHA-256: d272027efa0a12b5bcf73829d5e061c9be05db3139285f43a4289372739d02cd

Red Hat Enterprise Linux Workstation 7

SRPM
libreswan-3.25-9.1.el7_8.src.rpm SHA-256: fb4329cfa7fa4d83963b2ef0f2cd32b0940b9461a3a0994a5795b673e5e79019
x86_64
libreswan-3.25-9.1.el7_8.x86_64.rpm SHA-256: 7bddf8296cde3bcf96daf1c6046263bd412bead0846efb7dc460b57481a077be
libreswan-debuginfo-3.25-9.1.el7_8.x86_64.rpm SHA-256: d272027efa0a12b5bcf73829d5e061c9be05db3139285f43a4289372739d02cd

Red Hat Enterprise Linux Desktop 7

SRPM
libreswan-3.25-9.1.el7_8.src.rpm SHA-256: fb4329cfa7fa4d83963b2ef0f2cd32b0940b9461a3a0994a5795b673e5e79019
x86_64
libreswan-3.25-9.1.el7_8.x86_64.rpm SHA-256: 7bddf8296cde3bcf96daf1c6046263bd412bead0846efb7dc460b57481a077be
libreswan-debuginfo-3.25-9.1.el7_8.x86_64.rpm SHA-256: d272027efa0a12b5bcf73829d5e061c9be05db3139285f43a4289372739d02cd

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
libreswan-3.25-9.1.el7_8.src.rpm SHA-256: fb4329cfa7fa4d83963b2ef0f2cd32b0940b9461a3a0994a5795b673e5e79019
s390x
libreswan-3.25-9.1.el7_8.s390x.rpm SHA-256: 7aa0bc3c06e2d53f8318bd47e7707d463b2e4ab7180edd7eb38266af86c1f05c
libreswan-debuginfo-3.25-9.1.el7_8.s390x.rpm SHA-256: dbc3ea9eb2011e26895188a64f96474c24da3ee378f82a0cf4628e06e7b18a8b

Red Hat Enterprise Linux for Power, big endian 7

SRPM
libreswan-3.25-9.1.el7_8.src.rpm SHA-256: fb4329cfa7fa4d83963b2ef0f2cd32b0940b9461a3a0994a5795b673e5e79019
ppc64
libreswan-3.25-9.1.el7_8.ppc64.rpm SHA-256: 77ed532643afdf10e450b01edbbd8e4f770f409e7be20f8a41f1b4920bd16cb2
libreswan-debuginfo-3.25-9.1.el7_8.ppc64.rpm SHA-256: a6625cc6e6cbd9435fded6f4b0a61f711bd266972750c31b1e5c1f3f99ed4933

Red Hat Enterprise Linux for Power, little endian 7

SRPM
libreswan-3.25-9.1.el7_8.src.rpm SHA-256: fb4329cfa7fa4d83963b2ef0f2cd32b0940b9461a3a0994a5795b673e5e79019
ppc64le
libreswan-3.25-9.1.el7_8.ppc64le.rpm SHA-256: ae1e98162b9afc2bca23f12190ec220de8b0e38a58360a77010f2434b73f7354
libreswan-debuginfo-3.25-9.1.el7_8.ppc64le.rpm SHA-256: 08d3fcf3aa999ee0e783be924755f5ec71182cd161519ee8fa9cd903441af4c5

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7

SRPM
libreswan-3.25-9.1.el7_8.src.rpm SHA-256: fb4329cfa7fa4d83963b2ef0f2cd32b0940b9461a3a0994a5795b673e5e79019
s390x
libreswan-3.25-9.1.el7_8.s390x.rpm SHA-256: 7aa0bc3c06e2d53f8318bd47e7707d463b2e4ab7180edd7eb38266af86c1f05c
libreswan-debuginfo-3.25-9.1.el7_8.s390x.rpm SHA-256: dbc3ea9eb2011e26895188a64f96474c24da3ee378f82a0cf4628e06e7b18a8b

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7

SRPM
libreswan-3.25-9.1.el7_8.src.rpm SHA-256: fb4329cfa7fa4d83963b2ef0f2cd32b0940b9461a3a0994a5795b673e5e79019
ppc64
libreswan-3.25-9.1.el7_8.ppc64.rpm SHA-256: 77ed532643afdf10e450b01edbbd8e4f770f409e7be20f8a41f1b4920bd16cb2
libreswan-debuginfo-3.25-9.1.el7_8.ppc64.rpm SHA-256: a6625cc6e6cbd9435fded6f4b0a61f711bd266972750c31b1e5c1f3f99ed4933

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7

SRPM
libreswan-3.25-9.1.el7_8.src.rpm SHA-256: fb4329cfa7fa4d83963b2ef0f2cd32b0940b9461a3a0994a5795b673e5e79019
ppc64le
libreswan-3.25-9.1.el7_8.ppc64le.rpm SHA-256: ae1e98162b9afc2bca23f12190ec220de8b0e38a58360a77010f2434b73f7354
libreswan-debuginfo-3.25-9.1.el7_8.ppc64le.rpm SHA-256: 08d3fcf3aa999ee0e783be924755f5ec71182cd161519ee8fa9cd903441af4c5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.