[ol8_baseos_latest] crypto-policies-20190807-1.git9b1477b.el8.noarch

Name:	crypto-policies
Version:	20190807
Release:	1.git9b1477b.el8
Architecture:	noarch
Group:	Unspecified
Size:	70572
License:	LGPLv2+
RPM:	crypto-policies-20190807-1.git9b1477b.el8.noarch.rpm
Source RPM:	crypto-policies-20190807-1.git9b1477b.el8.src.rpm
Build Date:	Sun Nov 10 2019
Build Host:	jenkins-10-147-72-125-5175330d-7169-4500-9dab-ee68de92c90a.appad1iad.osdevelopmeniad.oraclevcn.com
Vendor:	Oracle America
URL:	https://gitlab.com/redhat-crypto/fedora-crypto-policies
Summary:	Systemwide crypto policies
Description:	This package provides a tool update-crypto-policies, which sets the policy applicable for the various cryptographic back-ends, such as SSL/TLS libraries. The policy set by the tool will be the default policy used by these back-ends unless the application user configures them otherwise. The package also provides a tool fips-mode-setup, which can be used to enable or disable the system FIPS mode.

Changelog (Show File list) (Show related packages)

Wed Aug 07 2019 Tomáš Mráz <tmraz@redhat.com> - 20190807-1.git9b1477b
```
- gnutls: enable TLS-1.3 in the FIPS policy
```

Mon Aug 05 2019 Tomáš Mráz <tmraz@redhat.com> - 20190613-2.git21ffdc8

- fix ownership of policy directories
- nss: enable X25519 in appropriate policies and conflict with old nss
- openssh: conflict with old incompatible openssh version

Thu Jun 13 2019 Tomáš Mráz <tmraz@redhat.com> - 20190613-1.git21ffdc8

- openssh: add missing curve25519-sha256 to the key exchange list
- openssh: fix RSA certificate support
- fips-mode-setup: drop the kernel boot option if there is no separate
  /boot drive
- fips-finish-install: regenerate all initramdisks
- add libssh configuration backend

Mon Feb 18 2019 Tomáš Mráz <tmraz@redhat.com> - 20181217-6.git9a35207
```
- libreswan: Allow coalescing the IKE/IPSEC proposals
```
Fri Feb 08 2019 Tomáš Mráz <tmraz@redhat.com> - 20181217-5.git9a35207
```
- cleanups of the crypto-policies.7 manual page
```
Fri Feb 01 2019 Tomáš Mráz <tmraz@redhat.com> - 20181217-4.git9a35207
```
- Java: Fix FIPS and FUTURE policy to allow RSA certificates in TLS
```

Tue Jan 22 2019 Tomáš Mráz <tmraz@redhat.com> - 20181217-3.git9a35207

- cleanup duplicate and incorrect information from update-crypto-policies.8
  manual page

Mon Jan 21 2019 Tomáš Mráz <tmraz@redhat.com> - 20181217-2.git9a35207
```
- add crypto-policies.7 manual page
```

Mon Dec 17 2018 Tomáš Mráz <tmraz@redhat.com> - 20181217-1.git9a35207

- update-crypto-policies: Fix endless loop
- update-crypto-policies: Add warning about the need of system restart
- fips-mode-setup: Use grub2-editenv to modify the kernelopts for BLS

Thu Nov 22 2018 Tomáš Mráz <tmraz@redhat.com> - 20181122-1.git70769d9

- update-crypto-policies: fix error on multiple matches in local.d
- Print warning when update-crypto-policies --set is used in the FIPS mode
- Java: Add 3DES and RC4 to legacy algorithms in LEGACY policy
- OpenSSL: Properly disable non AEAD and AES128 ciphersuites in FUTURE
- libreswan: Add chacha20_poly1305 to all policies and drop ikev1 from LEGACY