SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for crypto-policies-20230731-1.git94f0e2c.el9_3.1.noarch.rpm :

* Wed Sep 20 2023 Alexander Sosedkin - 20230731-1.git94f0e2c.1- OSPP subpolicy: tighten beyond reason for OSPP 4.3
* Mon Jul 31 2023 Alexander Sosedkin - 20230731-1.git94f0e2c- krb5: sort enctypes mac-first, cipher-second, prioritize SHA-2 ones- FIPS: enforce EMS in FIPS mode- NO-ENFORCE-EMS: add subpolicy to undo the EMS enforcement in FIPS mode- nss: implement EMS enforcement in FIPS mode (disabled in ELN)- openssl: implement EMS enforcement in FIPS mode- gnutls: implement EMS enforcement in FIPS mode (disabled in ELN)- docs: replace `FIPS 140-2` with just `FIPS 140`
* Wed Jun 14 2023 Alexander Sosedkin - 20230614-1.git027799d- policies: restore group order to old OpenSSL default order
* Fri May 05 2023 Alexander Sosedkin - 20230505-1.gitf69bbc2- openssl: set Groups explicitly- openssl: add support for Brainpool curves
* Thu Dec 15 2022 Alexander Sosedkin - 20221215-1.git9a18988- bind: expand the list of disableable algorithms
* Mon Oct 03 2022 Alexander Sosedkin - 20221003-1.git04dee29- openssh: rename RSAMinSize option to RequiredRSASize
* Mon Aug 15 2022 Alexander Sosedkin - 20220815-1.git0fbe86f- openssh: add RSAMinSize option following min_rsa_size
* Wed Apr 27 2022 Alexander Sosedkin - 20220427-1.gitb2323a1- bind: control ED25519/ED448
* Mon Apr 04 2022 Alexander Sosedkin - 20220404-1.git845c0c1- DEFAULT: drop DNSSEC SHA-1 exception- openssh: add support for sntrup761x25519-sha512AATTopenssh.com
* Wed Feb 23 2022 Alexander Sosedkin - 20220223-1.git5203b41- openssl: allow SHA-1 signatures with rh-allow-sha1-signatures in LEGACY- update AD-SUPPORT, move RC4 enctype enabling to AD-SUPPORT-LEGACY- fips-mode-setup: catch more inconsistencies, clarify --check
* Thu Feb 03 2022 Alexander Sosedkin - 20220203-1.gitf03e75e- gnutls: enable SHAKE, needed for Ed448- fips-mode-setup: improve handling FIPS plus subpolicies- FIPS: disable SHA-1 HMAC- FIPS: disable CBC ciphers except in Kerberos
* Tue Feb 01 2022 Alexander Sosedkin - 20220201-1.git636a91d- openssl: revert to SECLEVEL=2 in LEGACY- openssl: add newlines at the end of the output
* Mon Nov 15 2021 Alexander Sosedkin - 20211115-1.git70de135- OSPP: relax -ECDSA-SHA2-512, -FFDHE-
*- fips-mode-setup, fips-finish-install: call zipl more often (s390x-specific)
* Wed Sep 22 2021 Alexander Sosedkin - 20210922-1.git6fb269b- openssl: fix disabling ChaCha20- update for pylint 2.11
  
ICM