-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Apologies for the quick followup. The 4.13 release contained a compile error that has been fixed in this 4.14 followup release. The Libreswan Project has released libreswan-4.14 4.14 only contains a compile and testcase fix for 4.13. The 4.13 releas details are included below: This is a security release that addresses one minor CVEs and a few bugfixes: * Security: Fixes http://libreswan.org/security/CVE-2024-2357 * BSD: fix esp=aes_gcm [Andrew] * x509: unpack IPv6 general names based on length [Andrew] * pluto: TFC padding was not set for AEAD algorithms [SaiKumarCholleti@github] * compile fix for 4.13 The vulnerability disclosed in CVE-2024-2357 can only be triggered when using IKEv2 with PreSharedKey (authby=secret) when no matching secret has been loaded into pluto. For details and patches see: https://libreswan.org/security/CVE-2024-2357 You can download libreswan via https at: https://download.libreswan.org/libreswan-4.14.tar.gz https://download.libreswan.org/libreswan-4.14.tar.gz.asc The full changelog is available at: https://download.libreswan.org/CHANGES Please report bugs either via one of the mailinglists or at our bug tracker: https://lists.libreswan.org/ https://github.com/libreswan/libreswan/ Binary packages for Fedora and Debian should be available in their respective repositories a few days after this release. See also https://libreswan.org/ v4.14 (March 11, 2024) * Fix compile error in 4.13 in gntoid() [Andrew] * testing: fixup ikev2-tfc-03 for padded packets [Andrew/Paul] v4.13 (March 11, 2024) * Security: Fixes http://libreswan.org/security/CVE-2024-2357 * Linux: make libcap-ng failures non-fatal [Andrew] * BSD: fix esp=aes_gcm [Andrew] * NetBSD: fix compiler warning in lib/libswan/x509.c [Andrew] * x509: unpack IPv6 general names based on length [Andrew] * pluto: TFC padding was not set for AEAD algorithms [SaiKumarCholleti@github] -----BEGIN PGP SIGNATURE----- iQJHBAEBCgAxFiEEkH55DyXB6OVhzXO1hf9LQ7MPxvkFAmXvquITHHRlYW1AbGli cmVzd2FuLm9yZwAKCRCF/0tDsw/G+T/ED/41cASoBVqObMss/3TBmUJ92Xvz8T+g IsbpCB7EBZTV2jkaT+CrXCGJBFFzaY0kVdjcVZ/AfuiihKKiORP6mcj5Qfvvs65K vkj4WrSTDdKIBqQIwh0jl93hTlt22hy/rXEHfGbe+YKVwmRJxYR+I4lN/4qeSeht o0oORtqmhbmA5CEpGEBzbjskqn/EuAU6O2QaXg35d39jDUaNDamGFCoJ0H0Jkl+q pYiw1NIKl3QBZoKQia66uynk/eIBFJOooRnkAO1qq9TURMTydlRPb47LyX0tbwOi Eqrqp73PJVpSZRACyqpTMpswcXcT4r4aVlSbT5yfCnmKvzKyWExIogNdiPiefhD1 ED+QzrtZkuM5m9bv5TWYTnkAsbGbWNMCbco3ybDEOv/4dK8k0e/t28TckQZiwtKC 6myat671fD93Tb23cyjCNmlBmRGt29qXML8T8EAzloFWSESGSoNxWuC0f+RIbqtS uWTlIvsjnNhnVilbVe1Y5o11NCPmjPsH7F1EtrxjHdIwUygkM8fV63YOKAlB49LR 4ICo8cUDlkXnT+zhl176H3Vs2rQZqkOL6qJGjhmQtGmAtf+ZxVidLovZSRmDU3bO G90bThVwibrRXaDuQ+388LZvxfNVaULZkkvVPLkOZaecuDb+gHuoUJigK4Onm/9n YlSBoxoKFNOXxw== =1IPf -----END PGP SIGNATURE----- _______________________________________________ Swan-announce mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-announce _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
