[ol8_baseos_latest] crypto-policies-20191128-2.git23e1bf1.el8.noarch

Name:	crypto-policies
Version:	20191128
Release:	2.git23e1bf1.el8
Architecture:	noarch
Group:	Unspecified
Size:	190222
License:	LGPLv2+
RPM:	crypto-policies-20191128-2.git23e1bf1.el8.noarch.rpm
Source RPM:	crypto-policies-20191128-2.git23e1bf1.el8.src.rpm
Build Date:	Mon Feb 17 2020
Build Host:	jenkins-10-147-72-125-c5b73e7c-96b8-4432-82d0-e7725c1cde3d.appad1iad.osdevelopmeniad.oraclevcn.com
Vendor:	Oracle America
URL:	https://gitlab.com/redhat-crypto/fedora-crypto-policies
Summary:	System-wide crypto policies
Description:	This package provides a tool update-crypto-policies, which sets the policy applicable for the various cryptographic back-ends, such as SSL/TLS libraries. The policy set by the tool will be the default policy used by these back-ends unless the application user configures them otherwise. The package also provides a tool fips-mode-setup, which can be used to enable or disable the system FIPS mode.

Changelog (Show File list) (Show related packages)

Mon Dec 16 2019 Tomáš Mráz <tmraz@redhat.com> - 20191128-2.git23e1bf1

- move the pre-built .config files to /usr/share/crypto-policies/back-ends

Fri Nov 29 2019 Tomáš Mráz <tmraz@redhat.com> - 20191128-1.git23e1bf1
```
- fips-mode-setup: compatibility with RHCOS
```
Thu Nov 28 2019 Tomáš Mráz <tmraz@redhat.com> - 20191127-1.git1179826
```
- add FIPS subpolicy for OSPP
```

Tue Oct 29 2019 Tomáš Mráz <tmraz@redhat.com> - 20191022-1.gite17cc3a

- custom crypto policies support
- update-crypto-policies: fix handling of list operations in policy modules
- update-crypto-policies: fix updating of the current policy marker
- fips-mode-setup: fixes related to containers and non-root execution
- make it possible to use fips-mode-setup --check without dracut
- add .config symlinks so a crypto policy can be set with read-only
  /etc by bind-mounting /usr/share/crypto-policies/<policy> to
  /etc/crypto-policies/back-ends
- run the update-crypto-policies in posttrans

Wed Aug 07 2019 Tomáš Mráz <tmraz@redhat.com> - 20190807-1.git9b1477b
```
- gnutls: enable TLS-1.3 in the FIPS policy
```

Mon Aug 05 2019 Tomáš Mráz <tmraz@redhat.com> - 20190613-2.git21ffdc8

- fix ownership of policy directories
- nss: enable X25519 in appropriate policies and conflict with old nss
- openssh: conflict with old incompatible openssh version

Thu Jun 13 2019 Tomáš Mráz <tmraz@redhat.com> - 20190613-1.git21ffdc8

- openssh: add missing curve25519-sha256 to the key exchange list
- openssh: fix RSA certificate support
- fips-mode-setup: drop the kernel boot option if there is no separate
  /boot drive
- fips-finish-install: regenerate all initramdisks
- add libssh configuration backend

Mon Feb 18 2019 Tomáš Mráz <tmraz@redhat.com> - 20181217-6.git9a35207
```
- libreswan: Allow coalescing the IKE/IPSEC proposals
```
Fri Feb 08 2019 Tomáš Mráz <tmraz@redhat.com> - 20181217-5.git9a35207
```
- cleanups of the crypto-policies.7 manual page
```
Fri Feb 01 2019 Tomáš Mráz <tmraz@redhat.com> - 20181217-4.git9a35207
```
- Java: Fix FIPS and FUTURE policy to allow RSA certificates in TLS
```