| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: crypto-policies | Distribution: SUSE Linux Enterprise 15 |
| Version: 20210917.c9d86d1 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: 150400.1.7 | Build date: Sat May 7 23:17:56 2022 |
| Group: Productivity/Networking/Security | Build host: sheep19 |
| Size: 85282 | Source RPM: crypto-policies-20210917.c9d86d1-150400.1.7.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://gitlab.com/redhat-crypto/fedora-crypto-policies | |
| Summary: System-wide crypto policies | |
This package provides pre-built configuration files with cryptographic policies for various cryptographic back-ends, such as SSL/TLS libraries.
LGPL-2.1-or-later
* Fri Sep 24 2021 pmonreal@suse.com
- Remove the scripts and documentation regarding
fips-finish-install and test-fips-setup
* Add crypto-policies-FIPS.patch
* Fri Sep 24 2021 pmonreal@suse.com
- Update to version 20210917.c9d86d1:
* openssl: fix disabling ChaCha20
* pacify pylint 2.11: use format strings
* pacify pylint 2.11: specify explicit encoding
* fix minor things found by new pylint
* update-crypto-policies: --check against regenerated
* update-crypto-policies: fix --check's walking order
* policygenerators/gnutls: revert disabling DTLS0.9...
* policygenerators/java: add javasystem backend
* LEGACY: bump 1023 key size to 1024
* cryptopolicies: fix 'and' in deprecation warnings
* *ssh: condition ecdh-sha2-nistp384 on SECP384R1
* nss: hopefully the last fix for nss sigalgs check
* cryptopolicies: Python 3.10 compatibility
* nss: postponing check + testing at least something
* Rename 'policy modules' to 'subpolicies'
* validation.rules: fix a missing word in error
* cryptopolicies: raise errors right after warnings
* update-crypto-policies: capitalize warnings
* cryptopolicies: syntax-precheck scope errors
* .gitlab-ci.yml, Makefile: enable codespell
* all: fix several typos
* docs: don't leave zero TLS/DTLS protocols on
* openssl: separate TLS/DTLS MinProtocol/MaxProtocol
* alg_lists: order protocols new-to-old for consistency
* alg_lists: max_{d,}tls_version
* update-crypto-policies: fix pregenerated + local.d
* openssh: allow validation with pre-8.5
* .gitlab-ci.yml: run commit-range against upstream
* openssh: Use the new name for PubkeyAcceptedKeyTypes
* sha1_in_dnssec: deprecate
* .gitlab-ci.yml: test commit ranges
* FIPS:OSPP: sign = -*-SHA2-224
* scoped policies: documentation update
* scoped policies: use new features to the fullest...
* scoped policies: rewrite + minimal policy changes
* scoped policies: rewrite preparations
* nss: postponing the version check again, to 3.64
- Remove patches fixed upstream: crypto-policies-typos.patch
- Rebase: crypto-policies-test_supported_modules_only.patch
- Merge crypto-policies-asciidoc.patch into
crypto-policies-no-build-manpages.patch
* Thu Feb 25 2021 pmonreal@suse.com
- Update to version 20210225.05203d2:
* Disable DTLS0.9 protocol in the DEFAULT policy.
* policies/FIPS: insignificant reformatting
* policygenerators/libssh: respect ssh_certs
* policies/modules/OSPP: tighten to follow RHEL 8
* crypto-policies(7): drop not-reenableable comment
* follow up on disabling RC4
* Thu Feb 25 2021 pmonreal@suse.com
- Remove not needed scripts: fips-finish-install fips-mode-setup
* Wed Feb 24 2021 pmonreal@suse.com
- Disable DTLS0.9 protocol in GnuTLS DEFAULT policy. [bsc#1180938]
* The minimum DTLS protocol version in the DEFAULT and FUTURE
policies is DTLS1.2.
* Fixed upstream: 05203d21f6d0ea9bbdb351e4600f1e273720bb8e
* Wed Feb 17 2021 pmonreal@suse.com
- Update to version 20210213.5c710c0: [bsc#1180938]
* setup_directories(): perform safer creation of directories
* save_config(): avoid re-opening output file for each iteration
* save_config(): break after first match to avoid unnecessary stat() calls
* CryptoPolicy.parse(): actually stop parsing line on syntax error
* ProfileConfig.parse_string(): correctly extended subpolicies
* Exclude RC4 from LEGACY
* Introduce rc4_md5_in_krb5 to narrow AD_SUPPORT
* code style: fix 'not in' membership testing
* pylintrc: tighten up a bit
* formatting: avoid long lines
* formatting: use f-strings instead of format()
* formatting: reformat all python code with autopep8
* nss: postponing the version check again, to 3.61
* Revert "Unfortunately we have to keep ignoring the openssh check for sk-"
* Tue Feb 09 2021 dimstar@opensuse.org
- Use tar_scm service, not obs_scm: With crypto-policies entering
Ring0 (distro bootstrap) we want to be sure to keep the buildtime
deps as low as possible.
- Add python3-base BuildRequires: previously, OBS' tar service
pulled this in for us.
* Mon Feb 08 2021 pmonreal@suse.com
- Add a BuildIgnore for crypto-policies
* Mon Feb 08 2021 pmonreal@suse.com
- Use gzip instead of xz in obscpio and sources
* Fri Feb 05 2021 pmonreal@suse.com
- Do not build the manpages to avoid build cycles
- Add crypto-policies-no-build-manpages.patch
* Tue Feb 02 2021 dimstar@opensuse.org
- Convert to use a proper git source _service:
+ To update, one just needs to update the commit/revision in the
_service file and run `osc service dr`.
+ The version of the package is defined by the commit date of the
revision, followed by the abbreviated git hash (The same
revision used before results thus in a downgrade to 20210118,
but as this is a alltime new package, this is acceptable.
* Tue Feb 02 2021 pmonreal@suse.com
- Update to git version 20210127
* Bump Python requirement to 3.6
* Output sigalgs required by nss >=3.59
* Do not require bind during build
* Break build cycles with openssl and gnutls
* Thu Jan 21 2021 pmonreal@suse.com
- Update to git version 20210118
* Output sigalgs required by nss >=3.59
* Bump Python requirement to 3.6
* Kerberos 5: Fix policy generator to account for macs
* Add AES-192 support (non-TLS scenarios)
* Add documentation of the --check option
* Thu Jan 21 2021 pmonreal@suse.com
- Fix the man pages generation
- Add crypto-policies-asciidoc.patch
* Thu Jan 21 2021 pmonreal@suse.com
- Test only supported modules
- Add crypto-policies-test_supported_modules_only.patch
* Tue Dec 22 2020 pmonreal@suse.com
- Add crypto-policies-typos.patch to fix some typos
* Thu Nov 12 2020 vcizek@suse.com
- Initial packaging, git version 20200918 (jsc#SLE-15832)
/etc/crypto-policies /etc/crypto-policies/README.SUSE /etc/crypto-policies/back-ends /etc/crypto-policies/back-ends/bind.config /etc/crypto-policies/back-ends/gnutls.config /etc/crypto-policies/back-ends/java.config /etc/crypto-policies/back-ends/javasystem.config /etc/crypto-policies/back-ends/krb5.config /etc/crypto-policies/back-ends/libreswan.config /etc/crypto-policies/back-ends/libssh.config /etc/crypto-policies/back-ends/nss.config /etc/crypto-policies/back-ends/openssh.config /etc/crypto-policies/back-ends/opensshserver.config /etc/crypto-policies/back-ends/openssl.config /etc/crypto-policies/back-ends/opensslcnf.config /etc/crypto-policies/config /etc/crypto-policies/local.d /etc/crypto-policies/policies /etc/crypto-policies/policies/modules /etc/crypto-policies/state /etc/crypto-policies/state/CURRENT.pol /etc/crypto-policies/state/current /usr/share/crypto-policies /usr/share/crypto-policies/DEFAULT /usr/share/crypto-policies/DEFAULT/bind.txt /usr/share/crypto-policies/DEFAULT/gnutls.txt /usr/share/crypto-policies/DEFAULT/java.txt /usr/share/crypto-policies/DEFAULT/javasystem.txt /usr/share/crypto-policies/DEFAULT/krb5.txt /usr/share/crypto-policies/DEFAULT/libreswan.txt /usr/share/crypto-policies/DEFAULT/libssh.txt /usr/share/crypto-policies/DEFAULT/nss.txt /usr/share/crypto-policies/DEFAULT/openssh.txt /usr/share/crypto-policies/DEFAULT/opensshserver.txt /usr/share/crypto-policies/DEFAULT/openssl.txt /usr/share/crypto-policies/DEFAULT/opensslcnf.txt /usr/share/crypto-policies/EMPTY /usr/share/crypto-policies/EMPTY/bind.txt /usr/share/crypto-policies/EMPTY/gnutls.txt /usr/share/crypto-policies/EMPTY/java.txt /usr/share/crypto-policies/EMPTY/javasystem.txt /usr/share/crypto-policies/EMPTY/krb5.txt /usr/share/crypto-policies/EMPTY/libreswan.txt /usr/share/crypto-policies/EMPTY/libssh.txt /usr/share/crypto-policies/EMPTY/nss.txt /usr/share/crypto-policies/EMPTY/openssh.txt /usr/share/crypto-policies/EMPTY/opensshserver.txt /usr/share/crypto-policies/EMPTY/openssl.txt /usr/share/crypto-policies/EMPTY/opensslcnf.txt /usr/share/crypto-policies/FIPS /usr/share/crypto-policies/FIPS/bind.txt /usr/share/crypto-policies/FIPS/gnutls.txt /usr/share/crypto-policies/FIPS/java.txt /usr/share/crypto-policies/FIPS/javasystem.txt /usr/share/crypto-policies/FIPS/krb5.txt /usr/share/crypto-policies/FIPS/libreswan.txt /usr/share/crypto-policies/FIPS/libssh.txt /usr/share/crypto-policies/FIPS/nss.txt /usr/share/crypto-policies/FIPS/openssh.txt /usr/share/crypto-policies/FIPS/opensshserver.txt /usr/share/crypto-policies/FIPS/openssl.txt /usr/share/crypto-policies/FIPS/opensslcnf.txt /usr/share/crypto-policies/FUTURE /usr/share/crypto-policies/FUTURE/bind.txt /usr/share/crypto-policies/FUTURE/gnutls.txt /usr/share/crypto-policies/FUTURE/java.txt /usr/share/crypto-policies/FUTURE/javasystem.txt /usr/share/crypto-policies/FUTURE/krb5.txt /usr/share/crypto-policies/FUTURE/libreswan.txt /usr/share/crypto-policies/FUTURE/libssh.txt /usr/share/crypto-policies/FUTURE/nss.txt /usr/share/crypto-policies/FUTURE/openssh.txt /usr/share/crypto-policies/FUTURE/opensshserver.txt /usr/share/crypto-policies/FUTURE/openssl.txt /usr/share/crypto-policies/FUTURE/opensslcnf.txt /usr/share/crypto-policies/LEGACY /usr/share/crypto-policies/LEGACY/bind.txt /usr/share/crypto-policies/LEGACY/gnutls.txt /usr/share/crypto-policies/LEGACY/java.txt /usr/share/crypto-policies/LEGACY/javasystem.txt /usr/share/crypto-policies/LEGACY/krb5.txt /usr/share/crypto-policies/LEGACY/libreswan.txt /usr/share/crypto-policies/LEGACY/libssh.txt /usr/share/crypto-policies/LEGACY/nss.txt /usr/share/crypto-policies/LEGACY/openssh.txt /usr/share/crypto-policies/LEGACY/opensshserver.txt /usr/share/crypto-policies/LEGACY/openssl.txt /usr/share/crypto-policies/LEGACY/opensslcnf.txt /usr/share/crypto-policies/back-ends /usr/share/crypto-policies/back-ends/DEFAULT /usr/share/crypto-policies/back-ends/DEFAULT/bind.config /usr/share/crypto-policies/back-ends/DEFAULT/gnutls.config /usr/share/crypto-policies/back-ends/DEFAULT/java.config /usr/share/crypto-policies/back-ends/DEFAULT/javasystem.config /usr/share/crypto-policies/back-ends/DEFAULT/krb5.config /usr/share/crypto-policies/back-ends/DEFAULT/libreswan.config /usr/share/crypto-policies/back-ends/DEFAULT/libssh.config /usr/share/crypto-policies/back-ends/DEFAULT/nss.config /usr/share/crypto-policies/back-ends/DEFAULT/openssh.config /usr/share/crypto-policies/back-ends/DEFAULT/opensshserver.config /usr/share/crypto-policies/back-ends/DEFAULT/openssl.config /usr/share/crypto-policies/back-ends/DEFAULT/opensslcnf.config /usr/share/crypto-policies/back-ends/FIPS /usr/share/crypto-policies/back-ends/FIPS/bind.config /usr/share/crypto-policies/back-ends/FIPS/gnutls.config /usr/share/crypto-policies/back-ends/FIPS/java.config /usr/share/crypto-policies/back-ends/FIPS/javasystem.config /usr/share/crypto-policies/back-ends/FIPS/krb5.config /usr/share/crypto-policies/back-ends/FIPS/libreswan.config /usr/share/crypto-policies/back-ends/FIPS/libssh.config /usr/share/crypto-policies/back-ends/FIPS/nss.config /usr/share/crypto-policies/back-ends/FIPS/openssh.config /usr/share/crypto-policies/back-ends/FIPS/opensshserver.config /usr/share/crypto-policies/back-ends/FIPS/openssl.config /usr/share/crypto-policies/back-ends/FIPS/opensslcnf.config /usr/share/crypto-policies/back-ends/FUTURE /usr/share/crypto-policies/back-ends/FUTURE/bind.config /usr/share/crypto-policies/back-ends/FUTURE/gnutls.config /usr/share/crypto-policies/back-ends/FUTURE/java.config /usr/share/crypto-policies/back-ends/FUTURE/javasystem.config /usr/share/crypto-policies/back-ends/FUTURE/krb5.config /usr/share/crypto-policies/back-ends/FUTURE/libreswan.config /usr/share/crypto-policies/back-ends/FUTURE/libssh.config /usr/share/crypto-policies/back-ends/FUTURE/nss.config /usr/share/crypto-policies/back-ends/FUTURE/openssh.config /usr/share/crypto-policies/back-ends/FUTURE/opensshserver.config /usr/share/crypto-policies/back-ends/FUTURE/openssl.config /usr/share/crypto-policies/back-ends/FUTURE/opensslcnf.config /usr/share/crypto-policies/back-ends/LEGACY /usr/share/crypto-policies/back-ends/LEGACY/bind.config /usr/share/crypto-policies/back-ends/LEGACY/gnutls.config /usr/share/crypto-policies/back-ends/LEGACY/java.config /usr/share/crypto-policies/back-ends/LEGACY/javasystem.config /usr/share/crypto-policies/back-ends/LEGACY/krb5.config /usr/share/crypto-policies/back-ends/LEGACY/libreswan.config /usr/share/crypto-policies/back-ends/LEGACY/libssh.config /usr/share/crypto-policies/back-ends/LEGACY/nss.config /usr/share/crypto-policies/back-ends/LEGACY/openssh.config /usr/share/crypto-policies/back-ends/LEGACY/opensshserver.config /usr/share/crypto-policies/back-ends/LEGACY/openssl.config /usr/share/crypto-policies/back-ends/LEGACY/opensslcnf.config /usr/share/crypto-policies/default-config /usr/share/crypto-policies/policies /usr/share/crypto-policies/policies/DEFAULT.pol /usr/share/crypto-policies/policies/EMPTY.pol /usr/share/crypto-policies/policies/FIPS.pol /usr/share/crypto-policies/policies/FUTURE.pol /usr/share/crypto-policies/policies/GOST-ONLY.pol /usr/share/crypto-policies/policies/LEGACY.pol /usr/share/crypto-policies/policies/NEXT.pol /usr/share/crypto-policies/policies/modules /usr/share/crypto-policies/policies/modules/AD-SUPPORT.pmod /usr/share/crypto-policies/policies/modules/ECDHE-ONLY.pmod /usr/share/crypto-policies/policies/modules/FEDORA32.pmod /usr/share/crypto-policies/policies/modules/GOST.pmod /usr/share/crypto-policies/policies/modules/NO-CAMELLIA.pmod /usr/share/crypto-policies/policies/modules/NO-SHA1.pmod /usr/share/crypto-policies/policies/modules/OSPP.pmod /usr/share/crypto-policies/policies/modules/SHA1.pmod /usr/share/crypto-policies/reload-cmds.sh /usr/share/licenses/crypto-policies /usr/share/licenses/crypto-policies/COPYING.LESSER /usr/share/man/man7/crypto-policies.7.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 9 17:06:41 2024