rpms/crypto-policies - crypto-policies - AlmaLinux OS Foundation Git Server

rpms/crypto-policies

2 lines

174 B

Plaintext

Raw Normal View History

Switch upstream to rhel10 branch - Switch to a version based on Fedora 41 crypto-policies (20240521-1.gitf71d135.fc41), and replace the changelog with Fedora changelog - Shape up RHEL-10: remove GOST-ONLY policy and GOST subpolicy - Shape up RHEL-10: remove NEXT policy - Shape up RHEL-10: remove BSI policy - Shape up RHEL-10: remove TEST-FEDORA41 policy - Shape up RHEL-10: remove NO-SHA1 subpolicy - Shape up RHEL-10: remove SHA1 subpolicy - Shape up RHEL-10: remove TEST-PQ policy - Shape up RHEL-10: disable CAMELLIA in all policies... - Shape up RHEL-10: drop FFDHE-1024 from LEGACY - Shape up RHEL-10: DEFAULT: remove Fedora-only DSA-SHA1 RPM enablement - Shape up RHEL-10: remove Fedora-specific __openssl_block_sha1_signatures... - Shape up RHEL-10: disable 3DES in LEGACY - Shape up RHEL-10: disable DSA - Shape up RHEL-10: mark LEGACY as 80-bit security (@tomato42) - Shape up RHEL-10: require TLSv1.2/DTLSv1.2 in all policies - Shape up RHEL-10: requre 2048 bit params in LEGACY - Shape up RHEL-10: FUTURE: disable CBC ciphers for all but krb5 - Shape up RHEL-10: disable DHE-DSS even in LEGACY - Shape up RHEL-10: gnutls: explicit ECDSA-SECPNNNR1-SHANNN + reorder - Shape up RHEL-10: openssh: disable DHE-FFDHE-1024-SHA1 server config hack - Shape up RHEL-10: FIPS: disable SHA-1 HMAC in FIPS policy - Shape up RHEL-10: FIPS: disable CBC ciphers except in Kerberos - Shape up RHEL-10: policies/modules: update AD-SUPPORT away from RC4/MD5 - Shape up RHEL-10: drop DNSSEC SHA-1 exception from DEFAULT

2024-05-14 14:52:38 +00:00

SHA512 (crypto-policies-git77963ab.tar.gz) = 8bbe8c53582d86f9508f8c3c1516fed61d9f75e8c3a5b96eb0c24db7671cee10b10bf1c527453593e5bc59832806f42ed0249a5b5edf32db45bc4aa911313a61