[El-errata] ELEA-2023-5065 Oracle Linux 9 crypto-policies enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Sep 27 05:17:06 UTC 2023


Oracle Linux Enhancement Advisory ELEA-2023-5065

http://linux.oracle.com/errata/ELEA-2023-5065.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
crypto-policies-20221215-1.git9a18988.el9_2.1.noarch.rpm
crypto-policies-scripts-20221215-1.git9a18988.el9_2.1.noarch.rpm

aarch64:
crypto-policies-20221215-1.git9a18988.el9_2.1.noarch.rpm
crypto-policies-scripts-20221215-1.git9a18988.el9_2.1.noarch.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//crypto-policies-20221215-1.git9a18988.el9_2.1.src.rpm



Description of changes:

[20221215-1.git9a18988.1]
- openssl: implement relaxing EMS in FIPS (NO-ENFORCE-EMS)
- gnutls: use tls-session-hash option
- nss: use TLS-REQUIRE-EMS
- NO-ENFORCE-EMS: add subpolicy
- FIPS: set __ems = ENFORCE
- cryptopolicies: add enums and __ems tri-state
- docs: replace FIPS 140-2 with just FIPS 140
- codespell: ignore aNULL
- nss: retire NSS_OLD and replace with NSS_LAX 3.80 check




More information about the El-errata mailing list