Bug 1671244 - x25519 allowed in FIPS mode [rhel-7.6.z] [NEEDINFO]
Summary: x25519 allowed in FIPS mode [rhel-7.6.z]
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: jss
Version: 7.6
Hardware: All
OS: Linux
high
urgent
Target Milestone: rc
: ---
Assignee: Alex Scheel
QA Contact: Asha Akkiangady
URL:
Whiteboard:
Keywords: TestCaseProvided, ZStream
Depends On: 1669180
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-01-31 08:12 UTC by RAD team bot copy to z-stream
Modified: 2019-03-13 18:45 UTC (History)
3 users (show)

(edit)
Cause: x25519 was incorrectly enabled in FIPS mode TLS handshakes due to an open NSS bug.

Result: x25519 is now disabled in FIPS mode TLS handshakes for programs using JSS.
Clone Of: 1669180
(edit)
Last Closed: 2019-03-13 18:45:39 UTC
bbhavsar: needinfo? (ascheel)


Attachments (Terms of Use)
capture.pcap (6.52 KB, application/vnd.tcpdump.pcap)
2019-02-26 14:41 UTC, bhavik
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:0505 None None None 2019-03-13 18:45 UTC

Description RAD team bot copy to z-stream 2019-01-31 08:12:00 UTC
This bug has been copied from bug #1669180 and has been proposed to be backported to 7.6 z-stream (EUS).

Comment 4 Matthew Harmsen 2019-01-31 22:42:20 UTC
Test Case:

* https://bugzilla.redhat.com/show_bug.cgi?id=1669180#c5

Comment 5 bhavik 2019-02-26 14:41 UTC
Created attachment 1538839 [details]
capture.pcap

Comment 11 errata-xmlrpc 2019-03-13 18:45:39 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0505


Note You need to log in before you can comment on or make changes to this bug.