From bf73613e6692ff55468d76c742d03d1ee85ea4ed Mon Sep 17 00:00:00 2001
From: eabdullin <eabdullin@almalinux.org>
Date: Thu, 21 Sep 2023 19:17:03 +0000
Subject: [PATCH] import CS libreswan-4.12-1.el9

---
 .gitignore           |  2 +-
 .libreswan.metadata  |  2 +-
 SPECS/libreswan.spec | 26 +++++++++++++++++++++++++-
 3 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/.gitignore b/.gitignore
index 222eb50..13bd332 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
 SOURCES/ikev1_dsa.fax.bz2
 SOURCES/ikev1_psk.fax.bz2
 SOURCES/ikev2.fax.bz2
-SOURCES/libreswan-4.9.tar.gz
+SOURCES/libreswan-4.12.tar.gz
diff --git a/.libreswan.metadata b/.libreswan.metadata
index e5c173b..0dc2bf4 100644
--- a/.libreswan.metadata
+++ b/.libreswan.metadata
@@ -1,4 +1,4 @@
 b35cd50b8bc0a08b9c07713bf19c72d53bfe66bb SOURCES/ikev1_dsa.fax.bz2
 861d97bf488f9e296cad8c43ab72f111a5b1a848 SOURCES/ikev1_psk.fax.bz2
 fcaf77f3deae3d8e99cdb3b1f8abea63167a0633 SOURCES/ikev2.fax.bz2
-12b7351ca7e6ba1ac787239e67027a4d82f02f10 SOURCES/libreswan-4.9.tar.gz
+786c14a4755311ea3103683a3294e1536b1e44a6 SOURCES/libreswan-4.12.tar.gz
diff --git a/SPECS/libreswan.spec b/SPECS/libreswan.spec
index 7544d02..2dabbb4 100644
--- a/SPECS/libreswan.spec
+++ b/SPECS/libreswan.spec
@@ -30,7 +30,7 @@
 Name: libreswan
 Summary: Internet Key Exchange (IKEv1 and IKEv2) implementation for IPsec
 # version is generated in the release script
-Version: 4.9
+Version: 4.12
 Release: %{?prever:0.}1%{?prever:.%{prever}}%{?dist}
 License: GPLv2
 Url: https://libreswan.org/
@@ -196,6 +196,30 @@ certutil -N -d sql:$tmpdir --empty-password
 %doc %{_mandir}/*/*
 
 %changelog
+* Wed Aug  9 2023 Daiki Ueno <dueno@redhat.com> - 4.12-1
+- Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712
+- Resolves: rhbz#2215956
+
+* Fri May 05 2023 Sahana Prasad <sahana@redhat.com> - 4.9-5
+- Just bumping up the version to include bugs for CVE-2023-2295. There is no
+  code fix for it. Fix for it is including the code fix for CVE-2023-30570.
+- Fix CVE-2023-2295 Regression of CVE-2023-30570 fixes in the
+  Red Hat Enterprise Linux
+- Resolves: rhbz#2189777, rhbz#2190148
+
+* Thu May 04 2023 Sahana Prasad <sahana@redhat.com> - 4.9-4
+- Just bumping up the version as an incorrect 9.3 build was created.
+- Related: rhbz#2187171
+
+* Thu May 04 2023 Sahana Prasad <sahana@redhat.com> - 4.9-3
+- Fix CVE-2023-30570:Malicious IKEv1 Aggressive Mode packets can crash
+  libreswan
+- Resolves: rhbz#2187171
+
+* Tue Apr  4 2023 Daiki Ueno <dueno@redhat.com> - 4.9-2
+- Fix CVE-2023-23009: remote DoS via crafted TS payload with an
+  incorrect selector length (rhbz#2173674)
+
 * Wed Jan  4 2023 Daiki Ueno <dueno@redhat.com> - 4.9-1
 - Update to 4.9. Resolves: rhbz#2128669
 - Switch to using %%autopatch as in Fedora