Overview

File _patchinfo of Package patchinfo.16467

<patchinfo incident="16467">
  <issue tracker="bnc" id="1175277">FIPS: libica: missing SHA-3 KAT</issue>
  <issue tracker="bnc" id="1175357">FIPS: libica: Zeroization (needs correction)</issue>
  <issue tracker="bnc" id="1175356">FIPS: libica: integrity checking incorrect</issue>
  <packager>markkp</packager>
  <rating>moderate</rating>
  <category>recommended</category>
  <summary>Recommended update for libica</summary>
  <description>This update for libica fixes the following issues:

Various FIPS related fixes have been applied:

- Fix lack of SHA3 KATs in "make check" processing (bsc#1175277)
- Fix FIPS hmac check (bsc#1175356).
  * Update FIPS support to upstream
  * FIPS check should fail when hmac is missing
    - Create an hmac for the selftest
    - Check that selftest fails without a hmac
    - Hash libica.so.3 rather than libica.so.3.6.0
- Fix Some internal variables used to store sensitive information
  (keys) were not zeroized before returning to the calling application.
  (bsc#1175357)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places