-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-1e08f24c96 2023-11-16 02:35:00.005297 -------------------------------------------------------------------------------- Name : crypto-policies Product : Fedora 39 Version : 20231113 Release : 1.gitb402e82.fc39 URL : https://gitlab.com/redhat-crypto/fedora-crypto-policies Summary : System-wide crypto policies Description : This package provides pre-built configuration files with cryptographic policies for various cryptographic back-ends, such as SSL/TLS libraries. -------------------------------------------------------------------------------- Update Information: - Increase chroot-friendliness of fips-mode-setup - turn ssh_etm into an etm@SSH tri-state, allowing better control over whether encrypt-then-mac MAC suites are allowed, required, or disabled in SSH. ### Changelog ``` * Mon Nov 13 2023 Clemens Lang <cllang@xxxxxxxxxx> - 20231113-1.gitb402e82 - fips-mode-setup: Write error messages to stderr - fips-mode-setup: Fix some shellcheck warnings - fips-mode-setup: Fix test for empty /boot - fips-mode-setup: Avoid 'boot=UUID=' if /boot == / * Thu Nov 09 2023 Clemens Lang <cllang@xxxxxxxxxx> - 20231109-1.gitadb5572 - Restore support for scoped ssh_etm directives - Print matches in syntax deprecation warnings * Tue Nov 07 2023 Clemens Lang <cllang@xxxxxxxxxx> - 20231107-1.gitd5877b3 - fips-mode-setup: Fix usage with --no-bootcfg * Tue Nov 07 2023 Clemens Lang <cllang@xxxxxxxxxx> - 20231107-1.git8f49dfa - turn ssh_etm into an etm@SSH tri-state - fips-mode- setup: increase chroot-friendliness (rhbz#2164847) * Wed Sep 20 2023 Alexander Sosedkin <asosedkin@xxxxxxxxxx> - 20230920-1.git570ea89 - OSPP subpolicy: tighten beyond reason for OSPP 4.3 - fips-mode-setup: more thorough --disable, still unsupported ``` -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 13 2023 Clemens Lang <cllang@xxxxxxxxxx> - 20231113-1.gitb402e82 - fips-mode-setup: Write error messages to stderr - fips-mode-setup: Fix some shellcheck warnings - fips-mode-setup: Fix test for empty /boot - fips-mode-setup: Avoid 'boot=UUID=' if /boot == / * Thu Nov 9 2023 Clemens Lang <cllang@xxxxxxxxxx> - 20231109-1.gitadb5572 - Restore support for scoped ssh_etm directives - Print matches in syntax deprecation warnings * Tue Nov 7 2023 Clemens Lang <cllang@xxxxxxxxxx> - 20231107-1.gitd5877b3 - fips-mode-setup: Fix usage with --no-bootcfg * Tue Nov 7 2023 Clemens Lang <cllang@xxxxxxxxxx> - 20231107-1.git8f49dfa - turn ssh_etm into an etm@SSH tri-state - fips-mode-setup: increase chroot-friendliness (rhbz#2164847) * Wed Sep 20 2023 Alexander Sosedkin <asosedkin@xxxxxxxxxx> - 20230920-1.git570ea89 - OSPP subpolicy: tighten beyond reason for OSPP 4.3 - fips-mode-setup: more thorough --disable, still unsupported -------------------------------------------------------------------------------- References: [ 1 ] Bug #2164847 - [RFE] Ability to disable non-etm MACs https://bugzilla.redhat.com/show_bug.cgi?id=2164847 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-1e08f24c96' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue