Skip to navigation

Bug Fix Advisory openswan bug fix update

Advisory: RHBA-2011:0388-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2011-03-28
Last updated on: 2011-03-28
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux EUS (v. 5.6.z server)
Red Hat Enterprise Linux Long Life (v. 5.6 server)

Details

Updated openswan packages that fix a bug are now available for Red Hat
Enterprise Linux 5 Extended Update Support.

Openswan is a free implementation of Internet Protocol Security (IPsec) and
Internet Key Exchange (IKE). IPsec uses strong cryptography to provide both
authentication and encryption services. These services allow you to build secure
tunnels through untrusted networks.

This update fixes the following bug:

* Due to an error in a buffer initialization, the following message may have
been written to the /var/log/secure log file during the IKE negotiation:

size ([size]) differs from size specified in ISAKMP HDR ([size])

Consequently, the establishment of secure connections could be significantly
delayed. This update applies an upstream patch that resolves this issue, and the
establishment of IPsec connections is is no longer delayed. (BZ#680044)

All users of openswan are advised to upgrade to these updated packages, which
resolve this issue.


Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
openswan-2.6.21-5.el5_6.4.src.rpm
File outdated by:  RHSA-2014:0185
    MD5: fef5e99a7d87de3b4714e5ad37d0f76f
SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
 
IA-32:
openswan-2.6.21-5.el5_6.4.i386.rpm
File outdated by:  RHSA-2014:0185
    MD5: 61a9cb74a50ba36eed481c0c3f68797d
SHA-256: f1ce0f970f400ec13dc8160ef4bdaa28da489146f2d8d9e8f586258724b62b91
openswan-doc-2.6.21-5.el5_6.4.i386.rpm
File outdated by:  RHSA-2014:0185
    MD5: 8f42eba88d4698f43359c57a4a926eaa
SHA-256: 1029a79e0ce9f3c238175e6b4287361f5d45e265c3ddcab07aef0013f38c10fd
 
IA-64:
openswan-2.6.21-5.el5_6.4.ia64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 54003bdf9d57fbb34b2534cde9ceb786
SHA-256: c22230df45451fdbcb4ae9728c13b92571800c3a4981ded245ebe531ca63f02a
openswan-doc-2.6.21-5.el5_6.4.ia64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 5ee764cdd5e927033dc0614e6a16bca3
SHA-256: 941b5146255f80c2dd7c7c1a3ae83f1a6d004ebe2d5f44c1140a07e99cda98dc
 
PPC:
openswan-2.6.21-5.el5_6.4.ppc.rpm
File outdated by:  RHSA-2014:0185
    MD5: ae2b9f2378e2857ad95113dc195b7a09
SHA-256: e4798ec110548bb0be0abce05740898b26d1d8099cad1dcfbe824c1b5dcd974b
openswan-doc-2.6.21-5.el5_6.4.ppc.rpm
File outdated by:  RHSA-2014:0185
    MD5: d3d9337a6235017652398e685b5e31cf
SHA-256: 60a75fc71e6ed1fc4aab7a40d90aa0a02e22675fc0e1c3b6faf95de040a636e0
 
s390x:
openswan-2.6.21-5.el5_6.4.s390x.rpm
File outdated by:  RHSA-2014:0185
    MD5: 170d3022d24552bfdc01f8af2729cd8e
SHA-256: eee9cb908cf305e4de18fd5c10ac4d368b078e5659dd8256fa9f279e83eceb1a
openswan-doc-2.6.21-5.el5_6.4.s390x.rpm
File outdated by:  RHSA-2014:0185
    MD5: 1cc01046d8ebf39726377f901385be74
SHA-256: 86257fc3547f56c6b45543c74e4bf119b1036e8723e470eeaaf898c07608b201
 
x86_64:
openswan-2.6.21-5.el5_6.4.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: c8a8ccdb72f33d3035d0ca89f82b9062
SHA-256: 02267547da93d6ce9763418389ffce3cc2530861d22d143de221fdf1ecdce288
openswan-doc-2.6.21-5.el5_6.4.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 634a55e6a6febeb75502aa599a2079b1
SHA-256: be2232ebf06007a0ac2c7f8fe6675026d4a5e12abb133fde9014c7be967bf64d
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
openswan-2.6.21-5.el5_6.4.src.rpm
File outdated by:  RHSA-2014:0185
    MD5: fef5e99a7d87de3b4714e5ad37d0f76f
SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
 
IA-32:
openswan-2.6.21-5.el5_6.4.i386.rpm
File outdated by:  RHSA-2014:0185
    MD5: 61a9cb74a50ba36eed481c0c3f68797d
SHA-256: f1ce0f970f400ec13dc8160ef4bdaa28da489146f2d8d9e8f586258724b62b91
openswan-doc-2.6.21-5.el5_6.4.i386.rpm
File outdated by:  RHSA-2014:0185
    MD5: 8f42eba88d4698f43359c57a4a926eaa
SHA-256: 1029a79e0ce9f3c238175e6b4287361f5d45e265c3ddcab07aef0013f38c10fd
 
x86_64:
openswan-2.6.21-5.el5_6.4.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: c8a8ccdb72f33d3035d0ca89f82b9062
SHA-256: 02267547da93d6ce9763418389ffce3cc2530861d22d143de221fdf1ecdce288
openswan-doc-2.6.21-5.el5_6.4.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 634a55e6a6febeb75502aa599a2079b1
SHA-256: be2232ebf06007a0ac2c7f8fe6675026d4a5e12abb133fde9014c7be967bf64d
 
Red Hat Enterprise Linux EUS (v. 5.6.z server)

SRPMS:
openswan-2.6.21-5.el5_6.4.src.rpm
File outdated by:  RHSA-2014:0185
    MD5: fef5e99a7d87de3b4714e5ad37d0f76f
SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
 
IA-32:
openswan-2.6.21-5.el5_6.4.i386.rpm     MD5: 61a9cb74a50ba36eed481c0c3f68797d
SHA-256: f1ce0f970f400ec13dc8160ef4bdaa28da489146f2d8d9e8f586258724b62b91
openswan-doc-2.6.21-5.el5_6.4.i386.rpm     MD5: 8f42eba88d4698f43359c57a4a926eaa
SHA-256: 1029a79e0ce9f3c238175e6b4287361f5d45e265c3ddcab07aef0013f38c10fd
 
IA-64:
openswan-2.6.21-5.el5_6.4.ia64.rpm     MD5: 54003bdf9d57fbb34b2534cde9ceb786
SHA-256: c22230df45451fdbcb4ae9728c13b92571800c3a4981ded245ebe531ca63f02a
openswan-doc-2.6.21-5.el5_6.4.ia64.rpm     MD5: 5ee764cdd5e927033dc0614e6a16bca3
SHA-256: 941b5146255f80c2dd7c7c1a3ae83f1a6d004ebe2d5f44c1140a07e99cda98dc
 
PPC:
openswan-2.6.21-5.el5_6.4.ppc.rpm     MD5: ae2b9f2378e2857ad95113dc195b7a09
SHA-256: e4798ec110548bb0be0abce05740898b26d1d8099cad1dcfbe824c1b5dcd974b
openswan-doc-2.6.21-5.el5_6.4.ppc.rpm     MD5: d3d9337a6235017652398e685b5e31cf
SHA-256: 60a75fc71e6ed1fc4aab7a40d90aa0a02e22675fc0e1c3b6faf95de040a636e0
 
s390x:
openswan-2.6.21-5.el5_6.4.s390x.rpm     MD5: 170d3022d24552bfdc01f8af2729cd8e
SHA-256: eee9cb908cf305e4de18fd5c10ac4d368b078e5659dd8256fa9f279e83eceb1a
openswan-doc-2.6.21-5.el5_6.4.s390x.rpm     MD5: 1cc01046d8ebf39726377f901385be74
SHA-256: 86257fc3547f56c6b45543c74e4bf119b1036e8723e470eeaaf898c07608b201
 
x86_64:
openswan-2.6.21-5.el5_6.4.x86_64.rpm     MD5: c8a8ccdb72f33d3035d0ca89f82b9062
SHA-256: 02267547da93d6ce9763418389ffce3cc2530861d22d143de221fdf1ecdce288
openswan-doc-2.6.21-5.el5_6.4.x86_64.rpm     MD5: 634a55e6a6febeb75502aa599a2079b1
SHA-256: be2232ebf06007a0ac2c7f8fe6675026d4a5e12abb133fde9014c7be967bf64d
 
Red Hat Enterprise Linux Long Life (v. 5.6 server)

SRPMS:
openswan-2.6.21-5.el5_6.4.src.rpm
File outdated by:  RHSA-2014:0185
    MD5: fef5e99a7d87de3b4714e5ad37d0f76f
SHA-256: 540368feae2a1522ab3dd98cb614819814e5e322856698269efffbecbd3ad6c6
 
IA-32:
openswan-2.6.21-5.el5_6.4.i386.rpm     MD5: 61a9cb74a50ba36eed481c0c3f68797d
SHA-256: f1ce0f970f400ec13dc8160ef4bdaa28da489146f2d8d9e8f586258724b62b91
openswan-doc-2.6.21-5.el5_6.4.i386.rpm     MD5: 8f42eba88d4698f43359c57a4a926eaa
SHA-256: 1029a79e0ce9f3c238175e6b4287361f5d45e265c3ddcab07aef0013f38c10fd
 
IA-64:
openswan-2.6.21-5.el5_6.4.ia64.rpm     MD5: 54003bdf9d57fbb34b2534cde9ceb786
SHA-256: c22230df45451fdbcb4ae9728c13b92571800c3a4981ded245ebe531ca63f02a
openswan-doc-2.6.21-5.el5_6.4.ia64.rpm     MD5: 5ee764cdd5e927033dc0614e6a16bca3
SHA-256: 941b5146255f80c2dd7c7c1a3ae83f1a6d004ebe2d5f44c1140a07e99cda98dc
 
x86_64:
openswan-2.6.21-5.el5_6.4.x86_64.rpm     MD5: c8a8ccdb72f33d3035d0ca89f82b9062
SHA-256: 02267547da93d6ce9763418389ffce3cc2530861d22d143de221fdf1ecdce288
openswan-doc-2.6.21-5.el5_6.4.x86_64.rpm     MD5: 634a55e6a6febeb75502aa599a2079b1
SHA-256: be2232ebf06007a0ac2c7f8fe6675026d4a5e12abb133fde9014c7be967bf64d
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

680044 - 2 tunnels (IPv4 and IPv6) do not work together using certs/keys



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/