jiachao2130/cvrf2cusa
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
cvrf2cusa/cvrf/2024/cvrf-openEuler-SA-2024-1565.xml
Jia Chao 0b34274085 git mv 
Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
2024-07-25 09:57:37 +08:00

159 lines
15 KiB
XML
Raw Permalink Blame History

<?xml version="1.0" encoding="UTF-8"?>
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1">
<DocumentTitle xml:lang="en">An update for libreswan is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3</DocumentTitle>
<DocumentType>Security Advisory</DocumentType>
<DocumentPublisher Type="Vendor">
<ContactDetails>openeuler-security@openeuler.org</ContactDetails>
<IssuingAuthority>openEuler security committee</IssuingAuthority>
</DocumentPublisher>
<DocumentTracking>
<Identification>
<ID>openEuler-SA-2024-1565</ID>
</Identification>
<Status>Final</Status>
<Version>1.0</Version>
<RevisionHistory>
<Revision>
<Number>1.0</Number>
<Date>2024-05-10</Date>
<Description>Initial</Description>
</Revision>
</RevisionHistory>
<InitialReleaseDate>2024-05-10</InitialReleaseDate>
<CurrentReleaseDate>2024-05-10</CurrentReleaseDate>
<Generator>
<Engine>openEuler SA Tool V1.0</Engine>
<Date>2024-05-10</Date>
</Generator>
</DocumentTracking>
<DocumentNotes>
<Note Title="Synopsis" Type="General" Ordinal="1" xml:lang="en">libreswan security update</Note>
<Note Title="Summary" Type="General" Ordinal="2" xml:lang="en">An update for libreswan is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3.</Note>
<Note Title="Description" Type="General" Ordinal="3" xml:lang="en">Libreswan is an implementation of IKEv1 and IKEv2 for IPsec. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the ipsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network or VPN.
Security Fix(es):
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan&apos;s default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.(CVE-2024-3652)</Note>
<Note Title="Topic" Type="General" Ordinal="4" xml:lang="en">An update for libreswan is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3.
openEuler Security has rated this update as having a security impact of low. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.</Note>
<Note Title="Severity" Type="General" Ordinal="5" xml:lang="en">Low</Note>
<Note Title="Affected Component" Type="General" Ordinal="6" xml:lang="en">libreswan</Note>
</DocumentNotes>
<DocumentReferences>
<Reference Type="Self">
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1565</URL>
</Reference>
<Reference Type="openEuler CVE">
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2024-3652</URL>
</Reference>
<Reference Type="Other">
<URL>https://nvd.nist.gov/vuln/detail/CVE-2024-3652</URL>
</Reference>
</DocumentReferences>
<ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
<Branch Type="Product Name" Name="openEuler">
<FullProductName ProductID="openEuler-20.03-LTS-SP1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">openEuler-20.03-LTS-SP1</FullProductName>
<FullProductName ProductID="openEuler-20.03-LTS-SP4" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP4">openEuler-20.03-LTS-SP4</FullProductName>
<FullProductName ProductID="openEuler-22.03-LTS" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">openEuler-22.03-LTS</FullProductName>
<FullProductName ProductID="openEuler-22.03-LTS-SP1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">openEuler-22.03-LTS-SP1</FullProductName>
<FullProductName ProductID="openEuler-22.03-LTS-SP2" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP2">openEuler-22.03-LTS-SP2</FullProductName>
<FullProductName ProductID="openEuler-22.03-LTS-SP3" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">openEuler-22.03-LTS-SP3</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="aarch64">
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">libreswan-4.15-1.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">libreswan-help-4.15-1.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">libreswan-debugsource-4.15-1.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">libreswan-debuginfo-4.15-1.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP4">libreswan-help-4.15-1.oe2003sp4.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP4">libreswan-debugsource-4.15-1.oe2003sp4.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP4">libreswan-debuginfo-4.15-1.oe2003sp4.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP4">libreswan-4.15-1.oe2003sp4.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">libreswan-debuginfo-4.15-1.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">libreswan-debugsource-4.15-1.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">libreswan-4.15-1.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">libreswan-help-4.15-1.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">libreswan-4.15-1.oe2203sp1.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">libreswan-debuginfo-4.15-1.oe2203sp1.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">libreswan-debugsource-4.15-1.oe2203sp1.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">libreswan-help-4.15-1.oe2203sp1.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP2">libreswan-debuginfo-4.15-1.oe2203sp2.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP2">libreswan-debugsource-4.15-1.oe2203sp2.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP2">libreswan-help-4.15-1.oe2203sp2.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP2">libreswan-4.15-1.oe2203sp2.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">libreswan-debugsource-4.15-1.oe2203sp3.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">libreswan-debuginfo-4.15-1.oe2203sp3.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">libreswan-help-4.15-1.oe2203sp3.aarch64.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">libreswan-4.15-1.oe2203sp3.aarch64.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="src">
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">libreswan-4.15-1.oe1.src.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP4">libreswan-4.15-1.oe2003sp4.src.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">libreswan-4.15-1.oe2203.src.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">libreswan-4.15-1.oe2203sp1.src.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP2">libreswan-4.15-1.oe2203sp2.src.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">libreswan-4.15-1.oe2203sp3.src.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="x86_64">
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">libreswan-help-4.15-1.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">libreswan-debugsource-4.15-1.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">libreswan-debuginfo-4.15-1.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">libreswan-4.15-1.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP4">libreswan-4.15-1.oe2003sp4.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP4">libreswan-debugsource-4.15-1.oe2003sp4.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP4">libreswan-debuginfo-4.15-1.oe2003sp4.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP4">libreswan-help-4.15-1.oe2003sp4.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">libreswan-4.15-1.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">libreswan-debuginfo-4.15-1.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">libreswan-debugsource-4.15-1.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">libreswan-help-4.15-1.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">libreswan-help-4.15-1.oe2203sp1.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">libreswan-debugsource-4.15-1.oe2203sp1.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">libreswan-debuginfo-4.15-1.oe2203sp1.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">libreswan-4.15-1.oe2203sp1.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP2">libreswan-debuginfo-4.15-1.oe2203sp2.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP2">libreswan-debugsource-4.15-1.oe2203sp2.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP2">libreswan-4.15-1.oe2203sp2.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP2">libreswan-help-4.15-1.oe2203sp2.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">libreswan-4.15-1.oe2203sp3.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debugsource-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">libreswan-debugsource-4.15-1.oe2203sp3.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-debuginfo-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">libreswan-debuginfo-4.15-1.oe2203sp3.x86_64.rpm</FullProductName>
<FullProductName ProductID="libreswan-help-4.15-1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">libreswan-help-4.15-1.oe2203sp3.x86_64.rpm</FullProductName>
</Branch>
</ProductTree>
<Vulnerability Ordinal="1" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan s default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.</Note>
</Notes>
<ReleaseDate>2024-05-10</ReleaseDate>
<CVE>CVE-2024-3652</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP4</ProductID>
<ProductID>openEuler-22.03-LTS</ProductID>
<ProductID>openEuler-22.03-LTS-SP1</ProductID>
<ProductID>openEuler-22.03-LTS-SP2</ProductID>
<ProductID>openEuler-22.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Low</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>3.5</BaseScore>
<Vector>AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>libreswan security update</Description>
<DATE>2024-05-10</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1565</URL>
</Remediation>
</Remediations>
</Vulnerability>
</cvrfdoc>
Reference in New Issue View Git Blame Copy Permalink