From https://fedoraproject.org/wiki/Legal/Licenses/LicenseAgreement20 : "5. EXPORT CONTROL. By downloading Fedora software, you acknowledge that you understand all of the following: Fedora software and technical information may be subject to the U.S. Export Administration Regulations (the “EAR”) and other U.S. and foreign laws and may not be exported, re-exported or transferred (a) to any country listed in Country Group E:1 in Supplement No. 1 to part 740 of the EAR (currently, Cuba, Iran, North Korea, Sudan & Syria); (b) to any prohibited destination or to any end user who has been prohibited from participating in U.S. export transactions by any federal agency of the U.S. government; or (c) for use in connection with the design, development or production of nuclear, chemical or biological weapons, or rocket systems, space launch vehicles, or sounding rockets, or unmanned air vehicle systems. You may not download Fedora software or technical information if you are located in one of these countries or otherwise subject to these restrictions. You may not provide Fedora software or technical information to individuals or entities located in one of these countries or otherwise subject to these restrictions. You are also responsible for compliance with foreign law requirements applicable to the import, export and use of Fedora software and technical information. " This is probably now obsolete with US export restriction changes in 2011: https://www.federalregister.gov/articles/2011/01/07/2010-32803/publicly-available-mass-market-encryption-software-and-other-specified-publicly-available-encryption
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle. Changing version to '22'. More information and reason for this action is here: https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora22
This should probably go through Red Hat legal, I'm not a lawyer, and this is not legal advice. So after spending time reading through the regulations, it is my opinion that Fedora may want to amend the export language to include a line about having a TSU exception, with ECCN 5D002. Basicly publicly available cryptographic software contained in Fedora is not regulated anymore. For an example of this see the Yocto project [1] export compliance page. A simple one liner on the bottom appears to be the main difference. https://www.yoctoproject.org/tools-resources/export-compliance
The EAR language is correct. Fedora is ECCN 5D002, with a TSU exception, and we have been for quite some time. We keep that information here: https://fedoraproject.org/wiki/Legal:Export