-
Tue Feb 28 2023 Daiki Ueno <dueno@redhat.com> - 3.7.6-18
- Update gnutls-3.7.8-fips-pct-dh.patch to the upstream version (#2168610)
-
Fri Feb 10 2023 Daiki Ueno <dueno@redhat.com> - 3.7.6-17
- Fix timing side-channel in TLS RSA key exchange (#2162600)
-
Fri Feb 10 2023 Daiki Ueno <dueno@redhat.com> - 3.7.6-16
- fips: extend PCT to DH key generation (#2168610)
-
Thu Dec 15 2022 Zoltan Fridrich <zfridric@redhat.com> - 3.7.6-14
- fips: remove library path checking from FIPS integrity check (#2149638)
- fips: rename hmac file to its previous name (#2149640)
-
Tue Nov 22 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-13
- cipher: add restriction on CCM tag length under FIPS mode (#2144535)
- nettle: mark non-compliant RSA-PSS salt length to be not-approved (#2144537)
-
Tue Sep 27 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-12
- fips: mark PBKDF2 with short key and output sizes non-approved
- fips: only mark HMAC as approved in PBKDF2
- fips: mark gnutls_key_generate with short key sizes non-approved
- fips: fix checking on hash algorithm used in ECDSA
- fips: preserve operation context around FIPS selftests API
-
Fri Aug 26 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-11
- Supply --with{,out}-{zlib,brotli,zstd} explicitly
-
Thu Aug 25 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-10
- Revert nettle version pinning as it doesn't work well in side-tag
-
Thu Aug 25 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-9
- Pin nettle version in Requires when compiled with FIPS
-
Tue Aug 23 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-8
- Bundle GMP to privatize memory functions
- Disable certificate compression support by default