Package crypto-policies-scripts-20230731-1.git3177e06.el8.noarch
| Name | crypto-policies-scripts |
|---|---|
| Epoch | 0 |
| Version | 20230731 |
| Release | 1.git3177e06.el8 |
| Architecture | noarch |
| Website/URL | https://gitlab.com/redhat-crypto/fedora-crypto-policies |
| License | LGPLv2+ |
| Build Time | 2023-12-12 12:58:59 |
| Build Host | builder-x86-10.inferitos.ru |
| Summary | Tool to switch between crypto policies |
| Repositories | BaseOS |
| Description | This package provides a tool update-crypto-policies, which applies the policies provided by the crypto-policies package. These can be either the pre-built policies from the base package or custom policies defined in simple policy definition files. The package also provides a tool fips-mode-setup, which can be used to enable or disable the system FIPS mode. |
| Errata | — |
| Size | 83 KiB |
| Source Project | crypto-policies-20230731-1.git3177e06.el8 |
| SHA-256 checksum | 1784d603396b4c71239655288416a62cc9929565144f5f71c7c79c3b6b456da5 |
×
![Full screenshot]()
* Mon Jul 31 2023 Alexander Sosedkin <asosedkin@redhat.com> - 20230731-1.git3177e06 - krb5: sort enctypes mac-first, cipher-second, prioritize SHA-2 ones - krb5: fix policy generator to account for macs - docs: replace `FIPS 140-2` with just `FIPS 140` * Tue Jul 25 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 20221215-1.gitece0092 - Rebuilt for MSVSphere 8.8 * Thu Dec 15 2022 Alexander Sosedkin <asosedkin@redhat.com> - 20221215-1.gitece0092 - bind: expand the list of disableable algorithms - tests/java: fix java.security.disableSystemPropertiesFile=true - stop accidentally creating /etc/crypto-policies/back-ends/.config symlink * Tue Nov 16 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20211116-1.gitae470d6 - OSPP: relax -ECDSA-SHA2-512, -FFDHE-* - fips-mode-setup, fips-finish-install: call zipl more often (s390x-specific) - libssh: enable diffie-hellman-group14-sha256 support - openssl: fix disabling ChaCha20 * Thu Jun 17 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20210617-1.gitc776d3e - implement scoped policies, e.g., cipher@SSH = ... (#1960266) - implement algorithm globbing, e.g., cipher@SSH = -*-CBC - deprecate derived properties: tls_cipher, ssh_cipher, ssh_group, ike_protocol - deprecate sha1_in_dnssec property - deprecate unscoped form of protocol property - update documentation - expand upstream test coverage - openssl: set MinProtocol / MaxProtocol separately for TLS and DTLS (#1946522) - support AES-192 ciphers in custom policies for non-TLS scenarios (#1876846) - stop claiming Camellia is disabled (#1925104) - disable CBC ciphers in FUTURE for everything but Kerberos (#1933016) - drop SHA224 from signature algorithms in FIPS:OSPP (#1934755) - condition ecdh-sha2-nistp384 on SECP384R1 * Tue Feb 09 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20210209-1.gitbfb6bed - OSPP subpolicy: tweak for RHEL-8.3+ - libssh: respect ssh_certs * Mon Jul 13 2020 Tomáš Mráz <tmraz@redhat.com> - 20200713-1.git51d1222 - OSPP subpolicy: remove AES-CCM - openssl: handle the AES-CCM removal properly * Wed Jul 01 2020 Tomáš Mráz <tmraz@redhat.com> - 20200629-1.git806b5d3 - disallow X448/ED448 in FIPS policy with gnutls >= 3.6.12 - add AD-SUPPORT policy module * Wed Jun 10 2020 Tomáš Mráz <tmraz@redhat.com> - 20200610-1.git0ac8b1f - fallback to FIPS policy instead of the default-config in FIPS mode - java: Document properly how to override the crypto policy - krb5: No support for 3des anymore - reorder the signature algorithms to follow the order in default openssl list * Tue Jun 09 2020 Tomáš Mráz <tmraz@redhat.com> - 20200527-5.gitb234a47 - make the post script work in environments where /proc/sys is not available