Alexander Sosedkin
|
9699a7bbb8
|
Update from upstream: reorder gnutls sigalgs, fix --check
- gnutls: reorder ECDSA-SECPMMMR1-SHANNN together with ECDSA-SHANNN
- fix several issues with update-crypto-policies --check
Resolves: bz1994097
|
2021-09-14 15:46:26 +02:00 |
|
Mohan Boddu
|
747e788f75
|
Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
|
2021-08-09 19:43:44 +00:00 |
|
Aleksandra Fedorova
|
132f4bc0f9
|
Add RHEL gating configuration
|
2021-07-15 02:43:40 +02:00 |
|
Alexander Sosedkin
|
5466f912c0
|
Update from upstream: gnutls sigalgs, check
- gnutls: explicitly enable ECDSA-SECPNNNR1-SHANNN
- packaging: adapt to the RHEL-9 %check-time testing tools availability
Resolves: bz1979200, bz1978841
|
2021-07-07 15:59:15 +02:00 |
|
Alexander Sosedkin
|
7c076748f3
|
Update from upstream: scoped policies, gnutls allowlisting, ...
implement scoped policies, e.g., cipher@SSH = ...
implement algorithm globbing, e.g., cipher@SSH = -*-CBC
deprecate derived properties:
tls_cipher, ssh_cipher, ssh_group, ike_protocol, sha1_in_dnssec
deprecate unscoped form of protocol property
openssl: set MinProtocol / MaxProtocol separately for TLS and DTLS
openssh: use PubkeyAcceptedAlgorithms instead of PubkeyAcceptedKeyTypes
libssh: respect ssh_certs
restrict FIPS:OSPP further
improve Python 3.10 compatibility
update documentation
expand upstream test coverage
FUTURE: disable CBC ciphers for all backends but krb5
openssl: LEGACY must have SECLEVEL=1, enabling SHA1
disable DHE-DSS in LEGACY
bump LEGACY key size requirements from 1023 to 1024
add javasystem backend
*ssh: condition ecdh-sha2-nistp384 on SECP384R1
set %verify(not mode) for backend sometimes-symlinks-sometimes-not
gnutls: use allowlisting
Resolves: bz1975854
|
2021-06-28 20:23:25 +02:00 |
|
Mohan Boddu
|
bd79a31b29
|
Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
|
2021-06-22 18:36:55 +00:00 |
|
Mohan Boddu
|
cd51490202
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
|
2021-04-15 22:59:38 +00:00 |
|
Alexander Sosedkin
|
b15b23030d
|
Tighten policies for RHEL-9
|
2021-02-18 18:38:39 +01:00 |
|
DistroBaker
|
705dc9cc64
|
Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/crypto-policies.git#b596eb5600a9e299c0fb3d00b1f65993be10bc0a
|
2021-02-13 13:15:21 +00:00 |
|
DistroBaker
|
cfac1122f9
|
Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/crypto-policies.git#37a4fa3b51dd14d8dbaf31fab953ef3e0ffd35da
|
2021-01-27 15:45:17 +00:00 |
|
DistroBaker
|
7a413d9e46
|
Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/crypto-policies.git#479d7e8c91bce7f65f4e8afce1f1988b81736eb6
|
2021-01-27 15:33:14 +00:00 |
|
DistroBaker
|
2f238bbfb1
|
Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/crypto-policies.git#22c6077e4ea098bceea92dd8c92b8ce9ff753d8c
|
2021-01-18 19:06:23 +00:00 |
|
Petr Šabata
|
a435c5ea66
|
RHEL 9.0.0 Alpha bootstrap
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/crypto-policies#396bae93ee31b0a1d828f834fcdd82e0706ffddc
|
2020-10-14 23:21:50 +02:00 |
|
Release Configuration Management
|
a765b647db
|
New branch setup
|
2020-10-08 11:32:30 +00:00 |
|