RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 2026636 - Rebase to latest version 1.10.x when available
Summary: Rebase to latest version 1.10.x when available
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: libgcrypt
Version: 9.0
Hardware: Unspecified
OS: Unspecified
high
unspecified
Target Milestone: rc
: 9.0
Assignee: Jakub Jelen
QA Contact: Stanislav Zidek
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-11-25 11:19 UTC by Jakub Jelen
Modified: 2022-05-17 16:18 UTC (History)
1 user (show)

Fixed In Version: libgcrypt-1.10.0-1.el9
Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Rebase package(s) to version: 1.10.0 Highlights, important fixes, or notable enhancements: * Support for FIPS 140-3 * New FIPS Service Indicators API for symmetric ciphers and KDFs * Disable DSA and DES in FIPS mode * New API to leave FIPS mode * update jitter entropy generator to 3.3.0 * Store the HMAC integrity checksums inside of the library ELF section .rodata * enforce required RSA and HMAC key sizes * new API for digest and signature/verification, enforcing the digest requirement (not allowing SHA-1) * run the HMAC SHA256 selftest before checking the library integrity * allow using RSA keys > 3k * remove CAVS tests scripts * remove the support for the forced FIPS mode using API or configuration file * remove a way to automatically inactivate FIPS mode when non-approved algorithm is used. * Support LIBGCRYPT_FORCE_FIPS_MODE to get library into FIPS mode * enable hardware optimizations * Simplify random gatherer to use getentropy() * Improve test coverage * hardware optimizations and hardening for various ciphers and modes on different architectures * AES-GCM optimization on ppc64le * GCM-SIV mode on ARMv8-CE, x86 * s390x accelerated scalar multiplication for ECC * Support for key wrapping with padding * Remove support for random daemon * support for GCM-SIV and SIV cipher modes
Clone Of:
Environment:
Last Closed: 2022-05-17 15:52:38 UTC
Type: Bug
Target Upstream Version:
Embargoed:
pm-rhel: mirror+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker CRYPTO-5810 0 None None None 2021-12-08 13:40:15 UTC
Red Hat Issue Tracker RHELPLAN-103939 0 None None None 2021-11-25 11:20:59 UTC
Red Hat Product Errata RHBA-2022:3941 0 None None None 2022-05-17 15:52:44 UTC

Description Jakub Jelen 2021-11-25 11:19:54 UTC 
The version 1.10.x will have most of our downstream patches applied. This is a rebase bug to bring the changes to RHEL9 and drop no longer needed downstream patches.
Comment 1 Jakub Jelen 2021-12-07 11:47:42 UTC 
The upstream release issue has date set to 17. 1. 2022 so we can expect getting the release into RHEL9 by the end of January

[1] https://dev.gnupg.org/T5691
Comment 11 errata-xmlrpc 2022-05-17 15:52:38 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (new packages: libgcrypt), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:3941
Note You need to log in before you can comment on or make changes to this bug.