Overview

File _patchinfo of Package patchinfo.295

<patchinfo incident="295">
  <issue id="856316" tracker="bnc">FIPS: openssh tracker bug</issue>
  <issue id="912436" tracker="bnc">regression due to urandom reseeding</issue>
  <issue id="855676" tracker="bnc">FIPS: openssh tracker bug</issue>
  <category>recommended</category>
  <rating>moderate</rating>
  <packager>pcerny</packager>
  <description>
This update adjusts various parts of openssh (paramaters and available
cipher lists) in regards to FIPS certification.

Adjustments done:
- Some Key exchange modifications were done for FIPS, removing
  algorithms no longer allowed in FIPS mode.

- Only use Diffie Hellmann groups with 2048 bits or more in FIPS mode.

- Allow "stat" call in seccomp sandbox due to reseeding changes in openssl.
</description>
  <summary>Recommended update for openssh</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places