Fedora Updates System

9 Comments

asosedkin commented & provided feedback on openssl-3.2.4-3.fc43 a week ago

karma

my manual testing shows it fixes bz2351864

asosedkin commented on crypto-policies-20250305-3.gita35b0fa.fc43 a week ago

sigh, s/buggy openssl 1:3.2.4-3/buggy openssl 1:3.2.4-2/ in the comment above ^

asosedkin commented on crypto-policies-20250305-3.gita35b0fa.fc43 a week ago

Yes, this is intentional to drive people off the buggy openssl 1:3.2.4-3, so it'll have to land after https://koji.fedoraproject.org/koji/buildinfo?buildID=2678560 lands

asosedkin commented on crypto-policies-20250214-1.gitff7551b.fc42 a month ago

Removing fips-mode-setup is a Fedora Change detailed in https://fedoraproject.org/wiki/Changes/RemoveFipsModeSetup

asosedkin commented on crypto-policies-20240715-1.gitf8b6a29.fc41 8 months ago

Wow, thanks for the detailed analysis and the recommendation! Definitely an oversight from my side (thought -f was enough), will follow-up with a fix...

asosedkin provided feedback on openssh-9.6p1-1.fc40.4 8 months ago

karma

BZ#2294904 CVE-2024-6387 openssh: Possible remote code execution due to a race condition in signal handling [fedora-40]

asosedkin commented & provided feedback on crypto-policies-20220824-2.git2187e9c.eln121 2 years ago

karma

This is built from the wrong branch (rawhide instead of eln), please untag! The package is very very different between the branches, and this update, if it works at all, lowers the security of the system.

Possibly with openssh ELN build depending on non-existent-in-ELN-yet version of crypto-policies.

asosedkin commented & provided feedback on openssh-8.8p1-7.fc37 2 years ago

karma

Test from https://fedoraproject.org/wiki/QA:Testcase_OpenSSH passes

RequiredRSASize works, as either RequiredRSASize or RSAMinSize, in config or on cmdline.

Test Case OpenSSH

asosedkin commented & provided feedback on openssl-1.1.1j-1.fc34 4 years ago

karma

Works, fixes RSA-PSS.