Update FIPS support to bring in latest changes
* RH2104724: Avoid import/export of DH private keys * RH2092507: P11Key.getEncoded does not work for DH keys in FIPS mode * Build the systemconf library on all platforms * RH2048582: Support PKCS#12 keystores * RH2020290: Support TLS 1.3 in FIPS mode Resolves: rhbz#2104725 Resolves: rhbz#2117758 Resolves: rhbz#2115164 Resolves: rhbz#2029665
This commit is contained in:
Andrew Hughes
parent
aa8a052ae2
commit
674cdfbcb9
File diff suppressed because it is too large
Load Diff
|
|
@ -345,7 +345,7 @@
|
|||
# Define IcedTea version used for SystemTap tapsets and desktop file
|
||||
%global icedteaver 6.0.0pre00-c848b93a8598
|
||||
# Define current Git revision for the FIPS support patches
|
||||
%global fipsver f8142a23d0a
|
||||
%global fipsver 0bd5ca9ccc5
|
||||
|
||||
# Standard JPackage naming and versioning defines
|
||||
%global origin openjdk
|
||||
|
|
@ -353,7 +353,7 @@
|
|||
%global top_level_dir_name %{origin}
|
||||
%global top_level_dir_name_backup %{top_level_dir_name}-backup
|
||||
%global buildver 1
|
||||
%global rpmrelease 2
|
||||
%global rpmrelease 3
|
||||
# Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit
|
||||
%if %is_system_jdk
|
||||
# Using 10 digits may overflow the int used for priority, so we combine the patch and build versions
|
||||
|
|
@ -1343,6 +1343,11 @@ Patch7: jdk8292223-tzdata2022b-kyiv.patch
|
|||
# RH2094027: SunEC runtime permission for FIPS
|
||||
# RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
|
||||
# RH2090378: Revert to disabling system security properties and FIPS mode support together
|
||||
# RH2104724: Avoid import/export of DH private keys
|
||||
# RH2092507: P11Key.getEncoded does not work for DH keys in FIPS mode
|
||||
# Build the systemconf library on all platforms
|
||||
# RH2048582: Support PKCS#12 keystores
|
||||
# RH2020290: Support TLS 1.3 in FIPS mode
|
||||
Patch1001: fips-17u-%{fipsver}.patch
|
||||
|
||||
#############################################
|
||||
|
|
@ -2572,6 +2577,18 @@ cjc.mainProgram(args)
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Aug 29 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-3
|
||||
- Update FIPS support to bring in latest changes
|
||||
- * RH2104724: Avoid import/export of DH private keys
|
||||
- * RH2092507: P11Key.getEncoded does not work for DH keys in FIPS mode
|
||||
- * Build the systemconf library on all platforms
|
||||
- * RH2048582: Support PKCS#12 keystores
|
||||
- * RH2020290: Support TLS 1.3 in FIPS mode
|
||||
- Resolves: rhbz#2104725
|
||||
- Resolves: rhbz#2117758
|
||||
- Resolves: rhbz#2115164
|
||||
- Resolves: rhbz#2029665
|
||||
|
||||
* Sun Aug 21 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-2
|
||||
- Update to jdk-17.0.4.1+1
|
||||
- Update release notes to 17.0.4.1+1
|
||||
|
|
|
|||
Loading…
Reference in New Issue