| Name: | crypto-policies-scripts |
|---|---|
| Version: | 20260224 |
| Release: | 1.0.1.gitea0f072.el9_8 |
| Architecture: | noarch |
| Group: | Unspecified |
| Size: | 273381 |
| License: | LGPL-2.1-or-later |
| RPM: | crypto-policies-scripts-20260224-1.0.1.gitea0f072.el9_8.noarch.rpm |
| Source RPM: | crypto-policies-20260224-1.0.1.gitea0f072.el9_8.src.rpm |
| Build Date: | Tue May 26 2026 |
| Build Host: | build-ol9-x86_64.oracle.com |
| Vendor: | Oracle America |
| URL: | https://gitlab.com/redhat-crypto/fedora-crypto-policies |
| Summary: | Tool to switch between crypto policies |
| Description: | This package provides a tool update-crypto-policies, which applies the policies provided by the crypto-policies package. These can be either the pre-built policies from the base package or custom policies defined in simple policy definition files. The package also provides a tool fips-mode-setup, which can be used to enable or disable the system FIPS mode. |
- openssl: enable pure ML-KEM groups [Orabug: 39423111] - openssh: backport mlkem-nist implementation [Orabug: 39423111]
- openssh: enable mlkem768x25519-sha256
- gnutls: enable ML-KEM and ML-DSA - sequoia: register "eddsa" as an alias to EDDSA-ED25519
- rpm-sequoia: enable MLDSA65-ED25519 and MLDSA87-ED448 in all policies - rpm-sequoia: enable SHA-1 in all policies - rpm-sequoia: force enable all PQ algorithms for now
- nss: enable ML-KEM and ML-DSA
- rpm-sequoia: add back-end - openssl: send one PQ and one classic key_share; prioritize PQ groups - policies: alias X25519-MLKEM768 to MLKEM768-X25519 - nss: enable ED25519
- openssl: fix mistakes in integrity-only cipher definitions - PQ: add a subpolicy with some post-quantum algorithms
- openssl: stricter enabling of Ciphersuites - openssl: make use of -CBC and -AESGCM keywords
- release bump
- fips-mode-setup: small Argon2 detection fix