Oracle Linux 6278 Published by

A libgcrypt bug fix and enhancement update has been released for Oracle Linux 9.



El-errata: ELBA-2023-1698 Oracle Linux 9 libgcrypt bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2023-1698

  http://linux.oracle.com/errata/ELBA-2023-1698.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libgcrypt-1.10.0-10.el9_1.i686.rpm
libgcrypt-1.10.0-10.el9_1.x86_64.rpm
libgcrypt-devel-1.10.0-10.el9_1.i686.rpm
libgcrypt-devel-1.10.0-10.el9_1.x86_64.rpm

aarch64:
libgcrypt-1.10.0-10.el9_1.aarch64.rpm
libgcrypt-devel-1.10.0-10.el9_1.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol9/SRPMS-updates//libgcrypt-1.10.0-10.el9_1.src.rpm


Description of changes:

[1.10.0-10]
- Provide FIPS indicators for MD and HMACs
- Improve PCT tests for ECDSA and always run them after key is generated
- Add missing guards for FIPS status in md_sign/verify function
- Provider FIPS indicators for public key operation flags

[1.10.0-9]
- Avoid usage of invalid arguments sizes for PBKDF2 in FIPS mode
- Do not allow large salt lengths with RSA-PSS padding
- Disable X9.31 key generation in FIPS mode
- Update the FIPS integrity checking code to upstream version
- Update cipher modes FIPS indicators for AES WRAP and GCM
- Disable jitter entropy generator

[1.10.0-8]
- Fix unneeded PBKDF2 passphrase length limitation in FIPS mode
- Enforce HMAC key lengths in MD API in FIPS mode

_______________________________________________