Accepting request 875107 from home:pmonrealgonzalez:branches:security:tls
To be evaluated in Staging:O OBS-URL: https://build.opensuse.org/request/show/875107 OBS-URL: https://build.opensuse.org/package/show/security:tls/crypto-policies?expand=0&rev=12
This commit is contained in:
parent
cd0fe31e45
commit
14fe68fa46
2
_service
2
_service
@ -4,7 +4,7 @@
|
|||||||
<param name="scm">git</param>
|
<param name="scm">git</param>
|
||||||
<param name="versionformat">%cd.%h</param>
|
<param name="versionformat">%cd.%h</param>
|
||||||
<param name="changesgenerate">enable</param>
|
<param name="changesgenerate">enable</param>
|
||||||
<param name="revision">5c710c0cd17d9cb1954d3084c718791fc31bbcfe</param>
|
<param name="revision">05203d21f6d0ea9bbdb351e4600f1e273720bb8e</param>
|
||||||
</service>
|
</service>
|
||||||
<service name="recompress" mode="disabled">
|
<service name="recompress" mode="disabled">
|
||||||
<param name="file">*.tar</param>
|
<param name="file">*.tar</param>
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
<servicedata>
|
<servicedata>
|
||||||
<service name="tar_scm">
|
<service name="tar_scm">
|
||||||
<param name="url">https://gitlab.com/redhat-crypto/fedora-crypto-policies.git</param>
|
<param name="url">https://gitlab.com/redhat-crypto/fedora-crypto-policies.git</param>
|
||||||
<param name="changesrevision">5c710c0cd17d9cb1954d3084c718791fc31bbcfe</param></service></servicedata>
|
<param name="changesrevision">05203d21f6d0ea9bbdb351e4600f1e273720bb8e</param></service></servicedata>
|
@ -1,3 +1,27 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Feb 25 12:05:39 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
|
||||||
|
|
||||||
|
- Update to version 20210225.05203d2:
|
||||||
|
* Disable DTLS0.9 protocol in the DEFAULT policy.
|
||||||
|
* policies/FIPS: insignificant reformatting
|
||||||
|
* policygenerators/libssh: respect ssh_certs
|
||||||
|
* policies/modules/OSPP: tighten to follow RHEL 8
|
||||||
|
* crypto-policies(7): drop not-reenableable comment
|
||||||
|
* follow up on disabling RC4
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Feb 25 11:59:44 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
|
||||||
|
|
||||||
|
- Remove not needed scripts: fips-finish-install fips-mode-setup
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Feb 24 16:22:08 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
|
||||||
|
|
||||||
|
- Disable DTLS0.9 protocol in GnuTLS DEFAULT policy. [bsc#1180938]
|
||||||
|
* The minimum DTLS protocol version in the DEFAULT and FUTURE
|
||||||
|
policies is DTLS1.2.
|
||||||
|
* Fixed upstream: 05203d21f6d0ea9bbdb351e4600f1e273720bb8e
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Feb 17 12:36:05 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
|
Wed Feb 17 12:36:05 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
|
||||||
|
|
||||||
|
@ -18,7 +18,7 @@
|
|||||||
|
|
||||||
%global _python_bytecompile_extra 0
|
%global _python_bytecompile_extra 0
|
||||||
Name: crypto-policies
|
Name: crypto-policies
|
||||||
Version: 20210213.5c710c0
|
Version: 20210225.05203d2
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: System-wide crypto policies
|
Summary: System-wide crypto policies
|
||||||
License: LGPL-2.1-or-later
|
License: LGPL-2.1-or-later
|
||||||
@ -27,9 +27,7 @@ URL: https://gitlab.com/redhat-crypto/fedora-%{name}
|
|||||||
Source0: fedora-%{name}-%{version}.tar.gz
|
Source0: fedora-%{name}-%{version}.tar.gz
|
||||||
Source1: README.SUSE
|
Source1: README.SUSE
|
||||||
Source2: crypto-policies.7.gz
|
Source2: crypto-policies.7.gz
|
||||||
Source3: fips-mode-setup.8.gz
|
Source3: update-crypto-policies.8.gz
|
||||||
Source4: fips-finish-install.8.gz
|
|
||||||
Source5: update-crypto-policies.8.gz
|
|
||||||
Patch0: crypto-policies-asciidoc.patch
|
Patch0: crypto-policies-asciidoc.patch
|
||||||
Patch1: crypto-policies-typos.patch
|
Patch1: crypto-policies-typos.patch
|
||||||
Patch2: crypto-policies-test_supported_modules_only.patch
|
Patch2: crypto-policies-test_supported_modules_only.patch
|
||||||
@ -62,8 +60,6 @@ such as SSL/TLS libraries.
|
|||||||
%package scripts
|
%package scripts
|
||||||
Summary: Tool to switch between crypto policies
|
Summary: Tool to switch between crypto policies
|
||||||
Requires: %{name} = %{version}-%{release}
|
Requires: %{name} = %{version}-%{release}
|
||||||
Recommends: grubby
|
|
||||||
Provides: fips-mode-setup = %{version}-%{release}
|
|
||||||
|
|
||||||
%description scripts
|
%description scripts
|
||||||
This package provides a tool update-crypto-policies, which applies
|
This package provides a tool update-crypto-policies, which applies
|
||||||
@ -71,9 +67,6 @@ the policies provided by the crypto-policies package. These can be
|
|||||||
either the pre-built policies from the base package or custom policies
|
either the pre-built policies from the base package or custom policies
|
||||||
defined in simple policy definition files.
|
defined in simple policy definition files.
|
||||||
|
|
||||||
The package also provides a tool fips-mode-setup, which can be used
|
|
||||||
to enable or disable the system FIPS mode.
|
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%autosetup -p1 -n fedora-%{name}-%{version}
|
%autosetup -p1 -n fedora-%{name}-%{version}
|
||||||
|
|
||||||
@ -97,10 +90,10 @@ mkdir -p -m 755 %{buildroot}%{_mandir}/
|
|||||||
mkdir -p -m 755 %{buildroot}%{_mandir}/man7/
|
mkdir -p -m 755 %{buildroot}%{_mandir}/man7/
|
||||||
mkdir -p -m 755 %{buildroot}%{_mandir}/man8/
|
mkdir -p -m 755 %{buildroot}%{_mandir}/man8/
|
||||||
cp %{SOURCE2} %{buildroot}%{_mandir}/man7/
|
cp %{SOURCE2} %{buildroot}%{_mandir}/man7/
|
||||||
cp %{SOURCE3} %{SOURCE4} %{SOURCE5} %{buildroot}%{_mandir}/man8/
|
cp %{SOURCE3} %{buildroot}%{_mandir}/man8/
|
||||||
|
|
||||||
# Install the executable files
|
# Install the executable files
|
||||||
install -p -m 755 update-crypto-policies fips-finish-install fips-mode-setup %{buildroot}%{_bindir}/
|
install -p -m 755 update-crypto-policies %{buildroot}%{_bindir}/
|
||||||
|
|
||||||
install -p -m 644 default-config %{buildroot}%{_sysconfdir}/crypto-policies/config
|
install -p -m 644 default-config %{buildroot}%{_sysconfdir}/crypto-policies/config
|
||||||
touch %{buildroot}%{_sysconfdir}/crypto-policies/state/current
|
touch %{buildroot}%{_sysconfdir}/crypto-policies/state/current
|
||||||
@ -207,9 +200,4 @@ end
|
|||||||
%{_mandir}/man8/update-crypto-policies.8%{?ext_man}
|
%{_mandir}/man8/update-crypto-policies.8%{?ext_man}
|
||||||
%{_datarootdir}/crypto-policies/python
|
%{_datarootdir}/crypto-policies/python
|
||||||
|
|
||||||
%{_bindir}/fips-mode-setup
|
|
||||||
%{_bindir}/fips-finish-install
|
|
||||||
%{_mandir}/man8/fips-mode-setup.8%{?ext_man}
|
|
||||||
%{_mandir}/man8/fips-finish-install.8%{?ext_man}
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:86e8073b832f6050cbf07c0d1a658bf5bbd400b2352f796c80092263812cd480
|
|
||||||
size 57622
|
|
3
fedora-crypto-policies-20210225.05203d2.tar.gz
Normal file
3
fedora-crypto-policies-20210225.05203d2.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:773522be2bf98a7e88bc684d33c846b337d170cf33001dc2b20eee35c82c8030
|
||||||
|
size 58094
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:0df0d2341bf1c34847e7a9ed44ece1b6484e2f1daeb3134f16a89914a6a1cfdc
|
|
||||||
size 881
|
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:de5a21524d5f6ddb030d5349c6bfb0b850ce2360d4f00bd23aaf8a0d9ad9a09d
|
|
||||||
size 1124
|
|
Loading…
x
Reference in New Issue
Block a user