jonathan/openssl
1
0
Fork 0
forked from rpms/openssl
Code Pull Requests Activity

Fix a FIXME in the openssl.cnf(5) manpage

Browse Source 
Signed-off-by: Clemens Lang <cllang@redhat.com>
This commit is contained in:
Clemens Lang 2022-04-20 15:47:37 +02:00
parent 0967bb5953
commit 0eaa0014c9
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch
View File

@ -86,7 +86,7 @@ index 0c9110d28a..02e7ca706f 100644
+Note that enabling B<rh-allow-sha1-signatures> will allow TLS signature +Note that enabling B<rh-allow-sha1-signatures> will allow TLS signature
+algorithms that use SHA1 in security level 1, despite the definition of +algorithms that use SHA1 in security level 1, despite the definition of
+security level 1 of FIXME bits of security, which SHA1 does not meet. This +security level 1 of 80 bits of security, which SHA1 does not meet. This
+allows using SHA1 in TLS in the LEGACY crypto-policy on Fedora without +allows using SHA1 in TLS in the LEGACY crypto-policy on Fedora without
+requiring to set the security level to 0, which would include further insecure +requiring to set the security level to 0, which would include further insecure
+algorithms. +algorithms.

1
openssl.spec
View File

@ -405,6 +405,7 @@ install -m644 %{SOURCE9} \
%changelog %changelog
* Wed Apr 20 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.2-3 * Wed Apr 20 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.2-3
- Disable SHA-1 by default in ELN using the patches from CentOS - Disable SHA-1 by default in ELN using the patches from CentOS
- Fix a FIXME in the openssl.cnf(5) manpage
* Thu Apr 07 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.2-2 * Thu Apr 07 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.2-2
- Silence a few rpmlint false positives. - Silence a few rpmlint false positives.