V Tue, May 31, 2022 at 08:07:57AM +0200, Alexander Sosedkin napsal(a): > On Mon, May 30, 2022 at 10:34 PM Garry T. Williams <gtwilliams@xxxxxxxxx> wrote: > > On Friday, April 29, 2022 5:49:05 PM EDT Ben Cotton wrote: > > > Cryptographic policies will be tightened in Fedora 38-39, > > > SHA-1 signatures will no longer be trusted by default. > > > Fedora 37 specifically doesn't come with any change of defaults, > > > and this Fedora Change is an advance warning filed for extra visibility. > > > Test your setup with FUTURE today and file bugs so you won't get bit > > > by Fedora 38-39. > > > > > After looking in > > /usr/share/crypto-policies/policies/modules, I tried again with: > > > > $ sudo update-crypto-policies --set FUTURE:SHA1 > > Setting system policy to FUTURE:SHA1 > > > > But that didn't get me back. I got the same error doing dnf upgrade. > > > > I had to do: > > > > $ sudo update-crypto-policies --set DEFAULT > > > > to get back to dnf working again. > > > > > file bug reports against the affected components if not filed already. > > > > I really don't know what "component" to use filing a bug. > > Yeah, that seems like a case when > the service administrator is the one to be notified. Reported to <https://pagure.io/fedora-infrastructure/issue/10737>. The real cause is not SHA-1. It's a 2048-bit RSA key of an intermediate certificate. -- Petr
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
