Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

crypto-policies-scripts-20220815-1.gite4ed860.fc37 RPM for noarch

From Fedora 37 for s390x / c

Name: crypto-policies-scripts Distribution: Fedora Project
Version: 20220815 Vendor: Fedora Project
Release: 1.gite4ed860.fc37 Build date: Mon Aug 15 11:24:31 2022
Group: Unspecified Build host: buildvm-x86-26.iad2.fedoraproject.org
Size: 308375 Source RPM: crypto-policies-20220815-1.gite4ed860.fc37.src.rpm
Packager: Fedora Project
Url: https://gitlab.com/redhat-crypto/fedora-crypto-policies
Summary: Tool to switch between crypto policies
 
This package provides a tool update-crypto-policies, which applies
the policies provided by the crypto-policies package. These can be
either the pre-built policies from the base package or custom policies
defined in simple policy definition files.

The package also provides a tool fips-mode-setup, which can be used
to enable or disable the system FIPS mode.

Provides

Requires

License

LGPLv2+

Changelog

* Mon Aug 15 2022 Alexander Sosedkin <asosedkin@redhat.com> - 20220815-1.gite4ed860
  - openssh: add RSAMinSize option following min_rsa_size
* Tue Aug 02 2022 Alexander Sosedkin <asosedkin@redhat.com> - 20220802-1.gita99dfd2
  - tests/java: fix java.security.disableSystemPropertiesFile=true
  - docs: add customization recommendation
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 20220428-3.gitdfb10ea
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Jul 08 2022 Jiri Vanek <jvanek@redhat.com> - 20220428-2.gitdfb10ea
  - Rebuilt for Drop i686 JDKs
* Thu Apr 28 2022 Alexander Sosedkin <asosedkin@redhat.com> - 20220428-1.gitdfb10ea
  - policies: add FEDORA38 and TEST-FEDORA39
  - fix condition of conflicting with openssl
* Wed Apr 27 2022 Alexander Sosedkin <asosedkin@redhat.com> - 20220427-1.gitca01c3e
  - bind: control ED25519/ED448
* Tue Apr 12 2022 Alexander Sosedkin <asosedkin@redhat.com> - 20220412-1.git97fe449
  - openssl: disable SHA-1 signatures in FUTURE/NO-SHA1
  - skip pylint until it's fixed in Fedora (tracked in bz206983)
* Mon Apr 04 2022 Alexander Sosedkin <asosedkin@redhat.com> - 20220404-1.git17914f1
  - fips-mode-setup: improve handling FIPS plus subpolicies
  - fips-mode-setup: catch more inconsistencies, clarify --check
  - fips-mode-setup, fips-finish-install: abandon /etc/system-fips
  - openssh: add support for sntrup761x25519-sha512@openssh.com
* Sat Feb 05 2022 Jiri Vanek <jvanek@redhat.com> - 20220203-2.git112f859
  - Rebuilt for java-17-openjdk as system jdk
* Thu Feb 03 2022 Alexander Sosedkin <asosedkin@redhat.com> - 20220203-1.git112f859
  - gnutls: enable SHAKE, needed for Ed448
  - fips-mode-setup: improve handling FIPS plus subpolicies
* Wed Jan 19 2022 Alexander Sosedkin <asosedkin@redhat.com> - 20220119-1.git50109e7
  - gnutls: switch to allowlisting
    (https://fedoraproject.org/wiki/Changes/GnutlsAllowlisting)
  - openssl: add newlines at the end of the output
* Mon Nov 15 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20211115-1.git1b1c04c
  - OSPP: relax -ECDSA-SHA2-512, -FFDHE-*
  - fips-mode-setup, fips-finish-install: call zipl more often (s390x-specific)
* Fri Sep 17 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20210917-1.gitc9d86d1
  - openssl: fix disabling ChaCha20
  - fix minor things found by pylint 2.11
* Thu Aug 19 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20210819-1.gitd0fdcfb
  - gnutls: revert hard-disabling DTLS 0.9
  - update-crypto-policies: fix --check's sorting when walking the directories
  - update-crypto-policies: always regenerate the policy to --check against
  - fix minor things found by new pylint
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 20210621-2.gita0e819e
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Mon Jun 21 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20210621-1.gita0e819e
  - bump LEGACY key size requirements from 1023 to 1024
  - add javasystem backend
  - *ssh: condition ecdh-sha2-nistp384 on SECP384R1
  - set %verify(not mode) for backend sometimes-symlinks-sometimes-not
* Tue Jun 15 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20210615-1.giteed6c85
  - implement scoped policies, e.g., cipher@SSH = ...
  - implement algorithm globbing, e.g., cipher@SSH = -*-CBC
  - deprecate derived properties:
    tls_cipher, ssh_cipher, ssh_group, ike_protocol, sha1_in_dnssec
  - deprecate unscoped form of protocol property
  - openssl: set MinProtocol / MaxProtocol separately for TLS and DTLS
  - openssh: use PubkeyAcceptedAlgorithms instead of PubkeyAcceptedKeyTypes
  - libssh: respect ssh_certs
  - restrict FIPS:OSPP further
  - improve Python 3.10 compatibility
  - update documentation
  - expand upstream test coverage
* Sat Feb 13 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20210213-1.git5c710c0
  - exclude RC4 from LEGACY
  - introduce rc4_md5_in_krb5 to narrow AD_SUPPORT's impact
  - an assortment of small fixes
* Wed Jan 27 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20210127-2.gitb21c811
  - fix comparison in %post lua scriptlet
* Wed Jan 27 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20210127-1.gitb21c811
  - don't create /etc/crypto-policies/back-ends/.config in %post
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 20210118-2.gitb21c811
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Jan 18 2021 Alexander Sosedkin <asosedkin@redhat.com> - 20210118-1.gitb21c811
  - output sigalgs required by nss >=3.59 (or 3.60 in Fedora case)
  - bump Python requirement to 3.6
* Tue Dec 15 2020 Alexander Sosedkin <asosedkin@redhat.com> - 20201215-1.giteb57e00
  - Kerberos 5: Fix policy generator to account for macs
* Tue Dec 08 2020 Alexander Sosedkin <asosedkin@redhat.com> - 20201208-1.git70def9f
  - add AES-192 support (non-TLS scenarios)
  - add documentation of the --check option
* Wed Sep 23 2020 Tomáš Mráz <tmraz@redhat.com> - 20200918-1.git85dccc5
  - add RSA-PSK algorithm support
  - add GOST algorithms support for openssl
  - add GOST-ONLY policy and fix GOST subpolicy
  - update-crypto-policies: added --check parameter to perform
    comparison of actual configuration files with the policy

Files

/usr/bin/fips-finish-install
/usr/bin/fips-mode-setup
/usr/bin/update-crypto-policies
/usr/share/crypto-policies/python
/usr/share/crypto-policies/python/__pycache__
/usr/share/crypto-policies/python/__pycache__/build-crypto-policies.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/__pycache__/build-crypto-policies.cpython-311.pyc
/usr/share/crypto-policies/python/__pycache__/update-crypto-policies.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/__pycache__/update-crypto-policies.cpython-311.pyc
/usr/share/crypto-policies/python/build-crypto-policies.py
/usr/share/crypto-policies/python/cryptopolicies
/usr/share/crypto-policies/python/cryptopolicies/__init__.py
/usr/share/crypto-policies/python/cryptopolicies/__pycache__
/usr/share/crypto-policies/python/cryptopolicies/__pycache__/__init__.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/cryptopolicies/__pycache__/__init__.cpython-311.pyc
/usr/share/crypto-policies/python/cryptopolicies/__pycache__/alg_lists.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/cryptopolicies/__pycache__/alg_lists.cpython-311.pyc
/usr/share/crypto-policies/python/cryptopolicies/__pycache__/cryptopolicies.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/cryptopolicies/__pycache__/cryptopolicies.cpython-311.pyc
/usr/share/crypto-policies/python/cryptopolicies/alg_lists.py
/usr/share/crypto-policies/python/cryptopolicies/cryptopolicies.py
/usr/share/crypto-policies/python/cryptopolicies/validation
/usr/share/crypto-policies/python/cryptopolicies/validation/__init__.py
/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__
/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/__init__.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/__init__.cpython-311.pyc
/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/alg_lists.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/alg_lists.cpython-311.pyc
/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/general.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/general.cpython-311.pyc
/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/rules.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/rules.cpython-311.pyc
/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/scope.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/cryptopolicies/validation/__pycache__/scope.cpython-311.pyc
/usr/share/crypto-policies/python/cryptopolicies/validation/alg_lists.py
/usr/share/crypto-policies/python/cryptopolicies/validation/general.py
/usr/share/crypto-policies/python/cryptopolicies/validation/rules.py
/usr/share/crypto-policies/python/cryptopolicies/validation/scope.py
/usr/share/crypto-policies/python/policygenerators
/usr/share/crypto-policies/python/policygenerators/__init__.py
/usr/share/crypto-policies/python/policygenerators/__pycache__
/usr/share/crypto-policies/python/policygenerators/__pycache__/__init__.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/__init__.cpython-311.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/bind.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/bind.cpython-311.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/configgenerator.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/configgenerator.cpython-311.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/gnutls.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/gnutls.cpython-311.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/java.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/java.cpython-311.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/krb5.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/krb5.cpython-311.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/libreswan.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/libreswan.cpython-311.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/libssh.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/libssh.cpython-311.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/nss.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/nss.cpython-311.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/openssh.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/openssh.cpython-311.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/openssl.cpython-311.opt-1.pyc
/usr/share/crypto-policies/python/policygenerators/__pycache__/openssl.cpython-311.pyc
/usr/share/crypto-policies/python/policygenerators/bind.py
/usr/share/crypto-policies/python/policygenerators/configgenerator.py
/usr/share/crypto-policies/python/policygenerators/gnutls.py
/usr/share/crypto-policies/python/policygenerators/java.py
/usr/share/crypto-policies/python/policygenerators/krb5.py
/usr/share/crypto-policies/python/policygenerators/libreswan.py
/usr/share/crypto-policies/python/policygenerators/libssh.py
/usr/share/crypto-policies/python/policygenerators/nss.py
/usr/share/crypto-policies/python/policygenerators/openssh.py
/usr/share/crypto-policies/python/policygenerators/openssl.py
/usr/share/crypto-policies/python/update-crypto-policies.py
/usr/share/man/man8/fips-finish-install.8.gz
/usr/share/man/man8/fips-mode-setup.8.gz
/usr/share/man/man8/update-crypto-policies.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Apr 9 21:25:34 2024