Fixing OCPBUGS-42952 via https://github.com/openshift/ovn-kubernetes/pull/2323 in OpenShift 4.14.40 pinned libreswan back from latest RHEL 9.2.z version to libreswan-4.5-1.el9 which image scanning has informed us introduced CVE exposure regressions listed below.

The following known vulnerabilities exist for packages in this container:

• Important CVE-2023-2295 RHSA-2023:3148 
• Important CVE-2023-30570 RHSA-2023:2120 
• Moderate CVE-2023-23009 RHSA-2023:2633 
• Moderate CVE-2024-2357 RHSA-2024:2085 
• Moderate CVE-2024-3652 RHSA-2024:4431 

We need to unpin this package so that we don't regress on CVE fixes while addressing functional issues. In the set of customers that are known to be affected by the function issue we can work with them to help them decide the appropriate path forward.