14 lines
1.4 KiB
JSON
14 lines
1.4 KiB
JSON
{
|
|
"id": "openEuler-SA-2023-1318",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1318",
|
|
"title": "An update for libreswan is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1",
|
|
"severity": "High",
|
|
"description": "Libreswan is an implementation of IKEv1 and IKEv2 for IPsec. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the ipsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network or VPN. This package contains the daemons and userland tools for setting up Libreswan. Libreswan also supports IKEv2 (RFC7296) and Secure Labeling Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04\n\r\n\r\nSecurity Fix(es):\r\n\r\npluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.(CVE-2023-30570)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2023-30570",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30570",
|
|
"severity": "High"
|
|
}
|
|
]
|
|
} |