El-errata: ELBA-2023-1698 Oracle Linux 9 libgcrypt bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2023-1698
http://linux.oracle.com/errata/ELBA-2023-1698.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
libgcrypt-1.10.0-10.el9_1.i686.rpm
libgcrypt-1.10.0-10.el9_1.x86_64.rpm
libgcrypt-devel-1.10.0-10.el9_1.i686.rpm
libgcrypt-devel-1.10.0-10.el9_1.x86_64.rpm
aarch64:
libgcrypt-1.10.0-10.el9_1.aarch64.rpm
libgcrypt-devel-1.10.0-10.el9_1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//libgcrypt-1.10.0-10.el9_1.src.rpm
Description of changes:
[1.10.0-10]
- Provide FIPS indicators for MD and HMACs
- Improve PCT tests for ECDSA and always run them after key is generated
- Add missing guards for FIPS status in md_sign/verify function
- Provider FIPS indicators for public key operation flags
[1.10.0-9]
- Avoid usage of invalid arguments sizes for PBKDF2 in FIPS mode
- Do not allow large salt lengths with RSA-PSS padding
- Disable X9.31 key generation in FIPS mode
- Update the FIPS integrity checking code to upstream version
- Update cipher modes FIPS indicators for AES WRAP and GCM
- Disable jitter entropy generator
[1.10.0-8]
- Fix unneeded PBKDF2 passphrase length limitation in FIPS mode
- Enforce HMAC key lengths in MD API in FIPS mode
_______________________________________________
A libgcrypt bug fix and enhancement update has been released for Oracle Linux 9.
