From team at libreswan.org Mon Mar 11 21:40:20 2024 From: team at libreswan.org (The Libreswan Team) Date: Mon, 11 Mar 2024 15:40:20 -0400 (EDT) Subject: [Swan-announce] libreswan-4.13 released to address CVE-2024-2357 Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 The Libreswan Project has released libreswan-4.13 This is a security release that addresses one minor CVEs and a few bugfixes: * Security: Fixes http://libreswan.org/security/CVE-2024-2357 * BSD: fix esp=aes_gcm [Andrew] * x509: unpack IPv6 general names based on length [Andrew] * pluto: TFC padding was not set for AEAD algorithms [SaiKumarCholleti at github] The vulnerability disclosed in CVE-2024-2357 can only be triggered when using IKEv2 with PreSharedKey (authby=secret) when no matching secret has been loaded into pluto. For details and patches see: https://libreswan.org/security/CVE-2024-2357 You can download libreswan via https at: https://download.libreswan.org/libreswan-4.13.tar.gz https://download.libreswan.org/libreswan-4.13.tar.gz.asc The full changelog is available at: https://download.libreswan.org/CHANGES Please report bugs either via one of the mailinglists or at our bug tracker: https://lists.libreswan.org/ https://github.com/libreswan/libreswan/ Binary packages for RHEL/CentOS can be found at: https://download.libreswan.org/binaries/ Binary packages for Fedora and Debian should be available in their respective repositories a few days after this release. See also https://libreswan.org/ v4.13 (March 11, 2024) * Security: Fixes http://libreswan.org/security/CVE-2024-2357 * Linux: make libcap-ng failures non-fatal [Andrew] * BSD: fix esp=aes_gcm [Andrew] * NetBSD: fix compiler warning in lib/libswan/x509.c [Andrew] * x509: unpack IPv6 general names based on length [Andrew] * pluto: TFC padding was not set for AEAD algorithms [SaiKumarCholleti at github] -----BEGIN PGP SIGNATURE----- iQJHBAEBCgAxFiEEkH55DyXB6OVhzXO1hf9LQ7MPxvkFAmXvWjkTHHRlYW1AbGli cmVzd2FuLm9yZwAKCRCF/0tDsw/G+UaID/9rDK+K0v8UxCdMeAT8k9D8Eze8o9fZ +PFk9dNLIjy/jGVJmYkKt03oV3T95Hqs6NvseIqoiKxpou5QEbW94u37YQmT/+18 +8HlRrMH7dGz0T1U49PXgI5InYBUITCZ5dNxDLcbh0RsjBkpyRk8mkHUoro3Ucp3 /kXUEfr8HKULie4rprvey/5fcMgc3MQAOzAFg/thvHEhW6ebVEj3f8O6ndZYIYJS 6TYfbOzCo400770KQvhdytJYMlB8Z5+t8gTdw238QHTqium4HUC3gF/250AcLXTR zXww7NvHR6DMlcEUfDhHfBkL6ygFeleKXD/pFM4mM20WcvbubbMYlRLoVoeiIGE4 aRig06siNl7J4RvYEMUb52caWX/fg4dh/9t12VCEe/oh1kQ6UIkDsC6YgDri4TFo fnYQrAWcE/yy4b1juX+bd8kDaIvwVEhGuk2ePGBRYT3a2Wx03GzHJd+HLGanY8QI 12pKILar5Fpe+QZmDhHJUFUy5EgGJjioNdznESDtfU/f21qXcjUj7YBmGRaD+FjP 5gfEqdXKg0WsrcNkTXBZVgfybEuMFtsFJVZ/82UhWVYY0JwjdvMtuIsLSNOjgl92 ZEBTYVUYD1PSazsgxR/PFVWg1T4SrBL413cL5KIwKCNBJ4RFc4Gh/M9XFBjTQ/OV KzTbIDsCuHN73g== =OgHe -----END PGP SIGNATURE----- From team at libreswan.org Tue Mar 12 00:01:04 2024 From: team at libreswan.org (The Libreswan Team) Date: Mon, 11 Mar 2024 18:01:04 -0400 (EDT) Subject: [Swan-announce] libreswan-5.0rc2 Release Candidate 2 released Message-ID: <1d360ca9-bd47-2fa8-45aa-388f1fd39caf@libreswan.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 The Libreswan Project has issued a Release Candidate 2 for libreswan-5.0 This release is a major release with many features and bugfixes. We strongly encourage developers, system integrators, and distribution vendors to carefully test this release for any unexpected regressions. A list of major items for this release: * A new option to globally disable IKEv1 (enabled by default) * Combined Traffic Selectors within a single IPsec SA * Combined addresspool support (addresspool=v4/mask,v6/mask) * Nic Hardware Offload support (eg Nvidia/Mellanox ConnectX) * "ipsec auto --option" obsoleted for "ipsec option" (eg ipsec auto --up conn is now "ipsec up conn") (auto is still working for backwards compatibility) * XFRM interface IP management from pluto * nftables support (now the default over iptables) * Many bugfixes around restarting/reviving connections * Improved PFS/rekey compatibility * Drop prefix numbers from ipsec/whack command output * IKEv2 Labeled IPsec fixes (IKEv1 support removed) * Removal of _stackmanager * XFRM flushing moved from init system to pluto * cleanup of man pages * added various missing whack options * Internal SPD routing improvements For new configuration keywords and whack commands, please see: * man libreswan * man pluto * man ipsec whack You can download release candidates of libreswan via https at: https://download.libreswan.org/development/ The full changelog is available at: https://github.com/libreswan/libreswan/blob/main/CHANGES Please report bugs either via one of the mailinglists or at our bug tracker: https://lists.libreswan.org/ https://github.com/libreswan/libreswan/ -----BEGIN PGP SIGNATURE----- iQJHBAEBCgAxFiEEkH55DyXB6OVhzXO1hf9LQ7MPxvkFAmXvfwETHHRlYW1AbGli cmVzd2FuLm9yZwAKCRCF/0tDsw/G+RDdD/4lif+bZJsijg16JEqdHh9lBD/pjZGa 5G4R+T35AL8JLK00IbsAKCrc2WPgIq9e2twRqAOmUKilLdgAxnuNtgzIJo6hIe8W qBv2eJMKn8I2yxGnZ+De9GkXyaauouRT3uvX1avE24oD/gxsFYzL4XGwEV57xjc3 IJx319soqRD+ErlpTURtz3V+fWvhIus95eSTk2uR7tPKmuTB4UcqGCRH/nnF1tR6 td215y+Vx5oAbJkhtXvbRtZ7DKE7QiPFGF7txthB0rcn/YJdHsIUlQuZbPYXmW/l fwsHwF8BkBcRHWa7Sfp44ydtCFyZ4Hfgt6ga6bQTZmHzlORd82ztUxDUZjYBU4z4 H5IsGdE8pTRTSEoZCLnbXTv2uwuHFicStAcn6/KLA7hIi0Kiz5GdRqLcLa8iqjTV ms8uNMItuq+Vw/5FRJFJPZHoww+/N6HFH+ikaNqldvlEvGQY7fvVqvHgOeDAe47c kcaxAziRuefM6wka7p0UxK15/XFaMO5PZCtTvPJtYsFO66c+0uBc7glP81lkYB61 i1+S0GoqmO9w1pzhDaadVnVdWTbXkAM+xNfoyKqwYWLM06v5f8r9VA6qY1Ftm+Y7 hB7izUe7BY727VLymk2vySlfBuw7HaBdyUxDCTmqG72YBc2KYhXh4+RCSfw/138U IAIhH+d7FthPNA== =M7xs -----END PGP SIGNATURE----- From team at libreswan.org Tue Mar 12 03:08:03 2024 From: team at libreswan.org (The Libreswan Team) Date: Mon, 11 Mar 2024 21:08:03 -0400 (EDT) Subject: [Swan-announce] libreswan-4.14 released to address CVE-2024-2357 and compile fix for 4.13 Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Apologies for the quick followup. The 4.13 release contained a compile error that has been fixed in this 4.14 followup release. The Libreswan Project has released libreswan-4.14 4.14 only contains a compile and testcase fix for 4.13. The 4.13 releas details are included below: This is a security release that addresses one minor CVEs and a few bugfixes: * Security: Fixes http://libreswan.org/security/CVE-2024-2357 * BSD: fix esp=aes_gcm [Andrew] * x509: unpack IPv6 general names based on length [Andrew] * pluto: TFC padding was not set for AEAD algorithms [SaiKumarCholleti at github] * compile fix for 4.13 The vulnerability disclosed in CVE-2024-2357 can only be triggered when using IKEv2 with PreSharedKey (authby=secret) when no matching secret has been loaded into pluto. For details and patches see: https://libreswan.org/security/CVE-2024-2357 You can download libreswan via https at: https://download.libreswan.org/libreswan-4.14.tar.gz https://download.libreswan.org/libreswan-4.14.tar.gz.asc The full changelog is available at: https://download.libreswan.org/CHANGES Please report bugs either via one of the mailinglists or at our bug tracker: https://lists.libreswan.org/ https://github.com/libreswan/libreswan/ Binary packages for Fedora and Debian should be available in their respective repositories a few days after this release. See also https://libreswan.org/ v4.14 (March 11, 2024) * Fix compile error in 4.13 in gntoid() [Andrew] * testing: fixup ikev2-tfc-03 for padded packets [Andrew/Paul] v4.13 (March 11, 2024) * Security: Fixes http://libreswan.org/security/CVE-2024-2357 * Linux: make libcap-ng failures non-fatal [Andrew] * BSD: fix esp=aes_gcm [Andrew] * NetBSD: fix compiler warning in lib/libswan/x509.c [Andrew] * x509: unpack IPv6 general names based on length [Andrew] * pluto: TFC padding was not set for AEAD algorithms [SaiKumarCholleti at github] -----BEGIN PGP SIGNATURE----- iQJHBAEBCgAxFiEEkH55DyXB6OVhzXO1hf9LQ7MPxvkFAmXvquITHHRlYW1AbGli cmVzd2FuLm9yZwAKCRCF/0tDsw/G+T/ED/41cASoBVqObMss/3TBmUJ92Xvz8T+g IsbpCB7EBZTV2jkaT+CrXCGJBFFzaY0kVdjcVZ/AfuiihKKiORP6mcj5Qfvvs65K vkj4WrSTDdKIBqQIwh0jl93hTlt22hy/rXEHfGbe+YKVwmRJxYR+I4lN/4qeSeht o0oORtqmhbmA5CEpGEBzbjskqn/EuAU6O2QaXg35d39jDUaNDamGFCoJ0H0Jkl+q pYiw1NIKl3QBZoKQia66uynk/eIBFJOooRnkAO1qq9TURMTydlRPb47LyX0tbwOi Eqrqp73PJVpSZRACyqpTMpswcXcT4r4aVlSbT5yfCnmKvzKyWExIogNdiPiefhD1 ED+QzrtZkuM5m9bv5TWYTnkAsbGbWNMCbco3ybDEOv/4dK8k0e/t28TckQZiwtKC 6myat671fD93Tb23cyjCNmlBmRGt29qXML8T8EAzloFWSESGSoNxWuC0f+RIbqtS uWTlIvsjnNhnVilbVe1Y5o11NCPmjPsH7F1EtrxjHdIwUygkM8fV63YOKAlB49LR 4ICo8cUDlkXnT+zhl176H3Vs2rQZqkOL6qJGjhmQtGmAtf+ZxVidLovZSRmDU3bO G90bThVwibrRXaDuQ+388LZvxfNVaULZkkvVPLkOZaecuDb+gHuoUJigK4Onm/9n YlSBoxoKFNOXxw== =1IPf -----END PGP SIGNATURE----- From team at libreswan.org Mon Apr 15 19:51:20 2024 From: team at libreswan.org (The Libreswan Team) Date: Mon, 15 Apr 2024 12:51:20 -0400 (EDT) Subject: [Swan-announce] libreswan-4.15 released to address CVE-2024-3652 Message-ID: <09dd5222-e1d4-0f67-db91-3eba31c7ed31@libreswan.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Release date: Monday, April 15, 2024 Contact: security at libreswan.org PGP key: 907E790F25C1E8E561CD73B585FF4B43B30FC6F9 =================================================================== CVE-2024-3652: IKEv1 default AH/ESP responder can crash and restart =================================================================== This alert (and any updates) are available at the following URLs: https://libreswan.org/security/CVE-2024-3652 The Libreswan Project was notified of an issue that causes libreswan to crash and restart when it is acting as an IKEv1 responder with AH/ESP default setting, when no esp= line is present in the connection configuration. The bug is triggered when after IKEv1 authentication has succeeded (via Main Mode or Aggressive Mode), a Quick Mode message is received containing a bogus AES-GMAC proposal. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service. Severity: Medium Vulnerable versions : libreswan 3.22 - 4.14 Not vulnerable : libreswan 3.0 - 3.21, 4.15+, 5.0+ Vulnerability information ========================= The function compute_proto_keymat() did not handle unexpected proposals for which the keymat size is 0, such as AES-GMAC which can be used only with NULL encryption. The function ends up calling an assertion failure routine. No Remote Code Execution is possible. Exploitation ============ The vulnerability can only be exploited when an IKEv1 connection is loaded without an esp= line. It also requires the peer to have authenticated itself before it can send the bogus request triggering the issue. IKEv2 connections are not vulnerable. Workaround ========== An esp= line using a common IKEv1 algorithm list can be added to all IKEv1 based connections. An example of such an esp= line could be: esp=aes-sha2_512,aes-sha1,aes-sha2_256,aes-md5,3des-sha1,3des-md5 History ======= * 24-03-2024 https://github.com/libreswan/libreswan/issues/1665 reported * 27-03-2024 Fix published via commit 03caa63de1e3 (as issue was already public via githb issue) * 10-04-2024 Advanced notice given to supported customers and distributions * 15-04-2024 Public announcement and release of 4.15 Credits ======= This vulnerability was found and reported by github user X1AOxiang Upgrading ========= To address this vulnerability, please upgrade to libreswan 4.15 or later, or libreswan 5.0 or later. About libreswan (https://libreswan.org/) ======================================== Libreswan is a free implementation of the Internet Key Exchange (IKE) protocols IKEv1 and IKEv2. It is a descendant (continuation fork) of openswan 2.6.38. IKE is used to establish IPsec VPN connections. IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted network is encrypted by the IPsec gateway machine, and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network (VPN). Patches ======= For those who cannot upgrade, a patch is available at: https://github.com/libreswan/libreswan/commit/03caa63de1e34c29dd3e7e835070d363ca197bfd -----BEGIN PGP SIGNATURE----- iQJHBAEBCgAxFiEEkH55DyXB6OVhzXO1hf9LQ7MPxvkFAmYXQ5ATHHRlYW1AbGli cmVzd2FuLm9yZwAKCRCF/0tDsw/G+V/GD/wOIVq2Zu1TyqZwyER6Y43th+JE/toO WuRW+AhNVCyKjO7pkJey+asR0PZNpNISLW15xx6TE3CFv/BBVKk4JGLDUEGTV5ue OzuTUxh9UW60dzK6780Z1dnoJ9pZgIQmBsxvkTCFwoVYaoDx9H6twJvqvqsYPC8Q d+B59Xfn/pFcxk52a7tJ/erWbyo9cTHU9GN4Y6W6nNCNmjeVUHWET5QnE2pKe4eH k6ZjSdKEUYMPqbUJJFlUsQv0x8QUvImBIsfomgAscKpxkdLWrFsiu41wRk6MAWT3 R6jN4D7A6OrU4foOT+HZnW8NV+p2j8+JES6kke9mQCxysP6NbPyS//J90tEmZzi/ m9H7leAhZojPrNdrdB7FVqnFGqecSrs9OwOhlNaNUqtabeP/jFpg84S9aDIUaJ4J fe51UAvNXqrHCC9l18t4Su/1MCtf6zcPpdkbVAkIsdLNzSwLbdyKhCsa6CgkmL37 PgAoBKGH4YalJEzkyqnr/BU38dUnP6Wk5nci5uT8aFdWdRblbv7nYORklfQwAhW+ iYp4uilmvrdVxxo78pgPKv9NYXh0QROezm3ViU04HaLjGUgjPkeUstRK1qnupypT ePycNxw4CXUhkSWzplM/iqOHHBDa80zsYEY9b06vbjQ0Pp9BcF9MSrx1ldaRpvuO it8rqn3xGlirnw== =d6pu -----END PGP SIGNATURE----- From team at libreswan.org Wed Apr 17 19:32:34 2024 From: team at libreswan.org (The Libreswan Team) Date: Wed, 17 Apr 2024 12:32:34 -0400 (EDT) Subject: [Swan-announce] libreswan-5.0rc3 Release Candidate 3 released Message-ID: <7bf08fd5-5fac-340e-d3df-8205a4a7c3f1@libreswan.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 The Libreswan Project has issued a Release Candidate 3 for libreswan-5.0 This release is a major release with many features and bugfixes. We strongly encourage developers, system integrators, and distribution vendors to carefully test this release for any unexpected regressions. This Release Candidate 3 pulls in fixes from 4.15, such as the removal of libsystemd/xz and CVE-2024-3652. A list of major items for the 5.0 series are: * A new option to globally disable IKEv1 (enabled by default) * Combined Traffic Selectors within a single IPsec SA * Combined addresspool support (addresspool=v4/mask,v6/mask) * Nic Hardware Offload support (eg Nvidia/Mellanox ConnectX) * "ipsec auto --option" obsoleted for "ipsec option" (eg ipsec auto --up conn is now "ipsec up conn") (auto is still working for backwards compatibility) * XFRM interface IP management from pluto * nftables support (now the default over iptables) * Many bugfixes around restarting/reviving connections * Improved PFS/rekey compatibility * Drop prefix numbers from ipsec/whack command output * IKEv2 Labeled IPsec fixes (IKEv1 support removed) * Removal of _stackmanager * XFRM flushing moved from init system to pluto * cleanup of man pages * added various missing whack options * Internal SPD routing improvements For new configuration keywords and whack commands, please see: * man libreswan * man pluto * man ipsec whack You can download release candidates of libreswan via https at: https://download.libreswan.org/development/ The full changelog is available at: https://github.com/libreswan/libreswan/blob/main/CHANGES Please report bugs either via one of the mailinglists or at our bug tracker: https://lists.libreswan.org/ https://github.com/libreswan/libreswan/ -----BEGIN PGP SIGNATURE----- iQJHBAEBCgAxFiEEkH55DyXB6OVhzXO1hf9LQ7MPxvkFAmYf48MTHHRlYW1AbGli cmVzd2FuLm9yZwAKCRCF/0tDsw/G+RVXD/wNwLBlQFzi14qWv6cM7FKyQob8CqRW DBu6rIPMt8pH+9QMU7Lx/Bn/KJ1FxEpk0A9jVW6PPA6BOy96vEphJGZbk3V6upJV c8MK8/VyowOilHbyqOrJKzRUsI7/HjPvCoxdcvHxzHmyob9Nzs8+GASVk7oiI23v MJCuCwV8BkjqwkcaCntr2+8eyTA/rZCxhZe2iEqzFgHIXooNfpv5mo6+Fz8rFn4N w1LAeQoebHw09764biyhbvT51JMc45tG47AE2vprMHAM7yJyDq3mbb9uGhSCAJJM Zsp+R5IKTRb9qvAdxyuyaYpYyrFYFTU9ab9ph2yqANTj1kJ/u+TEwDKAJB8bwGUW VykvA0kX5ugRpWB6Mw2nY+JVHvkF+VD76niDXfgwfSQOPeOONneEYPtJfWGdikNA PX3QJbMfEtqNj25iFh3GyfuN8I9+kH8KLVeTpN9pZJaR1+l4otwGYHUf4WNCxccB r1I/S3XMUdnUAJFophLHr+MHItxd/MsmAt6IT0iPwfmlsdI3ychAfddoRKzoQVXy ZkDqmpqoYS3w+AX9pv23oAbsIE170xdjwzlZxEyB1qckWMkGcbvo7AKPnyPY8cU/ sd3+cl8yYh736f57JbK+e53v1xnE/Slvr3C7bNDdwHVPP+3bJl3A6+f1gPOXxuO6 apevvv4b0x8gXw== =EnK8 -----END PGP SIGNATURE----- From team at libreswan.org Thu Apr 25 01:30:32 2024 From: team at libreswan.org (The Libreswan Team) Date: Wed, 24 Apr 2024 18:30:32 -0400 (EDT) Subject: [Swan-announce] libreswan-5.0 released Message-ID: <0c480dec-b2c5-ed95-2529-a33195e74746@libreswan.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 The Libreswan Project has released libreswan-5.0 This release is a major release with many features and bugfixes. It also contains some changes to the defaults, removal of obsoleted options/keywords and introduction of new options/keywords. W strongly encourage developers, system integrators, and distribution vendors to carefully test this release and focus on testing the upgrade path. A list of major items for the 5.0 series are: * A new option to globally disable IKEv1 (enabled by default) * Combined Traffic Selectors within a single IPsec SA using leftsubnet=/rightrubnet= (note singular, not plural) * Combined addresspool support (addresspool=v4/mask,v6/mask) * Nic Hardware Offload support (eg Nvidia/Mellanox ConnectX) * "ipsec auto --option" obsoleted for "ipsec option" (eg ipsec auto --up conn is now "ipsec up conn") (auto is still working for backwards compatibility) * XFRM interface IP management from pluto * nftables support (now the default over iptables) * Many bugfixes around restarting/reviving connections * Improved PFS/rekey compatibility * Drop prefix numbers from ipsec/whack command output * IKEv2 Labeled IPsec fixes (IKEv1 support removed) * Removal of _stackmanager * XFRM flushing moved from init system to pluto * cleanup of man pages * added various missing whack options * Internal SPD routing improvements For new configuration keywords and whack commands, please see: * man libreswan * man pluto * man ipsec whack You can download release candidates of libreswan via https at: https://download.libreswan.org/development/ The full changelog is available at: https://github.com/libreswan/libreswan/blob/main/CHANGES Please report bugs either via one of the mailinglists or at our bug tracker: https://lists.libreswan.org/ https://github.com/libreswan/libreswan/ -----BEGIN PGP SIGNATURE----- iQJHBAEBCgAxFiEEkH55DyXB6OVhzXO1hf9LQ7MPxvkFAmYph6ETHHRlYW1AbGli cmVzd2FuLm9yZwAKCRCF/0tDsw/G+SOSD/4gORliJrY4aO0MpV808ZVtFvhmhoug MZfKJ4zjH551/MKP0yM0Q+TtKILdPivRCoxryiPJn7HACPc6VURa8U0QIqnyg4W7 bL9K6HscNCegUJiQeMDJbgBGQlC7ftMZcC1fpdmYcmRtmzXfIGA8Nqop4LB6SS+s TY1jLFwX18gjROiDs2txZ/MqeRkTtnPoh8znrI1PW/m5mQQejnJJjUVmKmLBeZZi nPi2YZ93JawIWmsnKgZvUDoCfztUASGqCKuksKx0mO3+eXTAQuB8R9GT05/Jutcr xIqPLNp//4hwLhkWougZ5DOXEuT3FQCst9wF7mCtySuIp69pj2xboH7kSrongFu7 PnqdX5YvEX9vd+UblFfDE+mldDmO4FM19TYvQ06ctRfKGs8Swf2HuH7hP+ASu0Jd MCyxcVsfm/HZLHAaF15aAS2bE8H+ZcoN4YVwnb2f3MHRr8iz4uwvy0GyoTnBUPgd 6W45bnn9sRCqHWRi3bV28ElJCJiq5Si9nq2Kr/yA6oeYV1KolgRh7xoX4ervOdr8 VIx4pSbmCimnGbd5pufCLhCzfqeHNM0vnAyfWOGWUJI8g4f/lV5dvn6sTEbF1Z0I MUwB+268WlrPcgYSIrPmmd3ECxxOsiqJ5ufP+mxaOsDD5jfLhGPn5ix0jf98FUlU dS7uQ3oAwQONvA== =WkkG -----END PGP SIGNATURE-----