Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

openssh-cavs-8.3p1-3.fc32 RPM for x86_64

From Fedora 32 updates for x86_64 / Packages / o

Name: openssh-cavs Distribution: Fedora Project
Version: 8.3p1 Vendor: Fedora Project
Release: 3.fc32 Build date: Wed Jun 10 20:24:17 2020
Group: Unspecified Build host: buildvm-x86-18.iad2.fedoraproject.org
Size: 452965 Source RPM: openssh-8.3p1-3.fc32.src.rpm
Packager: Fedora Project
Url: http://www.openssh.com/portable.html
Summary: CAVS tests for FIPS validation
This package contains test binaries and scripts to make FIPS validation
easier. Now contains CTR and KDF CAVS test driver.

Provides

Requires

License

BSD

Changelog

* Wed Jun 10 2020 Jakub Jelen <jjelen@redhat.com> - 8.3p1-3 + 0.10.3-10
  - Do not lose PIN when more slots match PKCS#11 URI (#1843372)
  - Update to new crypto-policies version on server (using sshd_config include)
  - Move redhat configuraion files to larger number to allow simpler override
  - Move sshd_config include before any other definitions (#1824913)
* Mon Jun 01 2020 Jakub Jelen <jjelen@redhat.com> - 8.3p1-2 + 0.10.3-10
  - Fix crash on cleanup (#1842281)
* Wed May 27 2020 Jakub Jelen <jjelen@redhat.com> - 8.3p1-1 + 0.10.3-10
  - New upstream release (#1840503)
  - Unbreak corner cases of sshd_config include
  - Fix order of gssapi key exchange algorithms
* Wed Apr 08 2020 Jakub Jelen <jjelen@redhat.com> - 8.2p1-3 + 0.10.3-9
  - Simplify reference to crypto policies in configuration files
  - Unbreak gssapi authentication with GSSAPITrustDNS over jump hosts
  - Correctly print FIPS mode initialized in debug mode
  - Enable SHA2-based GSSAPI key exchange methods (#1666781)
  - Do not break X11 forwarding when IPv6 is disabled
  - Remove fipscheck dependency as OpenSSH is no longer FIPS module
  - Improve documentation about crypto policies defaults in manual pages
* Thu Feb 20 2020 Jakub Jelen <jjelen@redhat.com> - 8.2p1-2 + 0.10.3-9
  - Build against libfido2 to unbreak internal u2f support
* Mon Feb 17 2020 Jakub Jelen <jjelen@redhat.com> - 8.2p1-1 + 0.10.3-9
  - New upstrem reelase (#1803290)
  - New /etc/ssh/sshd_config.d drop in directory
  - Support for U2F security keys
  - Correctly report invalid key permissions (#1801459)
  - Do not write bogus information on stderr in FIPS mode (#1778224)
* Mon Feb 03 2020 Jakub Jelen <jjelen@redhat.com> - 8.1p1-4 + 0.10.3-8
  - Unbreak seccomp filter on ARM (#1796267)
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 8.1p1-3.1
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Wed Nov 27 2019 Jakub Jelen <jjelen@redhat.com> - 8.1p1-3 + 0.10.3-8
  - Unbreak seccomp filter also on ARM (#1777054)
* Thu Nov 14 2019 Jakub Jelen <jjelen@redhat.com> - 8.1p1-2 + 0.10.3-8
  - Unbreak seccomp filter with latest glibc (#1771946)
* Wed Oct 09 2019 Jakub Jelen <jjelen@redhat.com> - 8.1p1-1 + 0.10.3-8
  - New upstream release (#1759750)
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 8.0p1-8.1
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Tue Jul 23 2019 Jakub Jelen <jjelen@redhat.com> - 8.0p1-8 + 0.10.3-7
  - Use the upstream-accepted version of the PKCS#8 PEM support (#1722285)
* Fri Jul 12 2019 Jakub Jelen <jjelen@redhat.com> - 8.0p1-7 + 0.10.3-7
  - Use the environment file under /etc/sysconfig for anaconda configuration (#1722928)
* Wed Jul 03 2019 Jakub Jelen <jjelen@redhat.com> - 8.0p1-6 + 0.10.3-7
  - Provide the entry point for anaconda configuration in service file (#1722928)
* Wed Jun 26 2019 Jakub Jelen <jjelen@redhat.com> - 8.0p1-5 + 0.10.3-7
  - Disable root password logins (#1722928)
  - Fix typo in manual pages related to crypto-policies
  - Fix the gating test to make sure it removes the test user
  - Cleanu up spec file and get rid of some rpmlint warnings
* Mon Jun 17 2019 Jakub Jelen <jjelen@redhat.com> - 8.0p1-4 + 0.10.3-7
  - Compatibility with ibmca engine for ECC
  - Generate more modern PEM files using new OpenSSL API
  - Provide correct signature types for RSA keys using SHA2 from agent
* Mon May 27 2019 Jakub Jelen <jjelen@redhat.com> - 8.0p1-3 + 0.10.3-7
  - Remove problematic patch updating cached pw structure
  - Do not require the labels on the public objects (#1710832)
* Tue May 14 2019 Jakub Jelen <jjelen@redhat.com> - 8.0p1-2 + 0.10.3-7
  - Use OpenSSL KDF
  - Use high-level OpenSSL API for signatures handling
  - Mention crypto-policies in manual pages instead of hardcoded defaults
  - Verify in package testsuite that SCP vulnerabilities are fixed
  - Do not fail in FIPS mode, when unsupported algorithm is listed in configuration
* Fri Apr 26 2019 Jakub Jelen <jjelen@redhat.com> - 8.0p1-1 + 0.10.3-7
  - New upstream release (#1701072)
  - Removed support for VendroPatchLevel configuration option
  - Significant rework of GSSAPI Key Exchange
  - Significant rework of PKCS#11 URI support
* Mon Mar 11 2019 Jakub Jelen <jjelen@redhat.com> - 7.9p1-5 + 0.10.3.6
  - Fix kerberos cleanup procedures with GSSAPI
  - Update cached passwd structure after PAM authentication
  - Do not fall back to sshd_net_t SELinux context
  - Fix corner cases of PKCS#11 URI implementation
  - Do not negotiate arbitrary primes with DH GEX in FIPS
* Wed Feb 06 2019 Jakub Jelen <jjelen@redhat.com> - 7.9p1-4 + 0.10.3.6
  - Log when a client requests an interactive session and only sftp is allowed
  - Fix minor issues in ssh-copy-id
  - Enclose redhat specific configuration with Match final block
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 7.9p1-3.2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 7.9p1-3.1
  - Rebuilt for libcrypt.so.2 (#1666033)
* Mon Jan 14 2019 Jakub Jelen <jjelen@redhat.com> - 7.9p1-3 + 0.10.3.6
  - Backport Match final to unbreak canonicalization with crypto-policies (#1630166)
  - gsskex: Dump correct option
  - Backport several fixes from 7_9 branch, mostly related to certificate authentication (#1665611)
  - Backport patch for CVE-2018-20685 (#1665786)
  - Correctly initialize ECDSA key structures from PKCS#11
* Wed Nov 14 2018 Jakub Jelen <jjelen@redhat.com> - 7.9p1-2 + 0.10.3-6
  - Fix LDAP configure test (#1642414)
  - Avoid segfault on kerberos authentication failure
  - Reference correct file in configuration example (#1643274)
  - Dump missing GSSAPI configuration options
  - Allow to disable RSA signatures with SHA-1
* Fri Oct 19 2018 Jakub Jelen <jjelen@redhat.com> - 7.9p1-1 + 0.10.3-6
  - New upstream release OpenSSH 7.9p1 (#1632902, #1630166)
  - Honor GSSAPIServerIdentity option for GSSAPI key exchange
  - Do not break gsssapi-keyex authentication method when specified in
    AuthenticationMethods
  - Follow the system-wide PATH settings (#1633756)
  - Address some coverity issues
* Mon Sep 24 2018 Jakub Jelen <jjelen@redhat.com> - 7.8p1-3 + 0.10.3-5
  - Disable OpenSSH hardening flags and use the ones provided by system
  - Ignore unknown parts of PKCS#11 URI
  - Do not fail with GSSAPI enabled in match blocks (#1580017)
  - Fix the segfaulting cavs test (#1628962)
* Fri Aug 31 2018 Jakub Jelen <jjelen@redhat.com> - 7.8p1-2 + 0.10.3-5
  - New upstream release fixing CVE 2018-15473
  - Remove unused patches
  - Remove reference to unused enviornment variable SSH_USE_STRONG_RNG
  - Address coverity issues
  - Unbreak scp between two IPv6 hosts
  - Unbreak GSSAPI key exchange (#1624344)
  - Unbreak rekeying with GSSAPI key exchange (#1624344)
* Thu Aug 09 2018 Jakub Jelen <jjelen@redhat.com> - 7.7p1-6 + 0.10.3-4
  - Fix listing of kex algoritms in FIPS mode
  - Allow aes-gcm cipher modes in FIPS mode
  - Coverity fixes
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 7.7p1-5.1
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jul 03 2018 Jakub Jelen <jjelen@redhat.com> - 7.7p1-5 + 0.10.3-4
  - Disable manual printing of motd by default (#1591381)
* Wed Jun 27 2018 Jakub Jelen <jjelen@redhat.com> - 7.7p1-4 + 0.10.3-4
  - Better handling of kerberos tickets storage (#1566494)
  - Add pam_motd to pam stack (#1591381)

Files

/usr/lib/.build-id
/usr/lib/.build-id/2d
/usr/lib/.build-id/2d/0ec8300c4436c5e4281077b77e13e1177b9cb5
/usr/lib/.build-id/c9
/usr/lib/.build-id/c9/8a5d8fa15a8b8e5bb7513dad491475d28078b6
/usr/libexec/openssh/ctr-cavstest
/usr/libexec/openssh/ssh-cavs
/usr/libexec/openssh/ssh-cavs_driver.pl


Generated by rpm2html 1.8.1

Fabrice Bellet, Mon May 9 14:25:43 2022