From 240131b9ebef1f3e0a1ff8bcf8e09a7ff0fe5ac2 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Fri, 2 Jul 2021 20:15:32 +0200 Subject: [PATCH] - Fixes system hang issue when booted in FIPS mode - Temporarily disable downstream FIPS patches Related: rhbz#1977318 Signed-off-by: Sahana Prasad --- openssl.spec | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/openssl.spec b/openssl.spec index 44ed018..4b6e657 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.alpha16.4%{?dist} +Release: 0.alpha16.5%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -47,9 +47,9 @@ Patch6: 0006-Disable-signature-verification-with-totally-unsafe-h.patch # Add support for PROFILE=SYSTEM system default cipherlist Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch # Add FIPS_mode() compatibility macro -Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch +#Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch # Add check to see if fips flag is enabled in kernel -Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch +#Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch # Avoid sending alerts after shutdown Patch10: 0010-Avoid-sending-alert-after-shutdown.patch # remove unsupported EC curves @@ -383,6 +383,11 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Fri Jul 02 2021 Sahana Prasad 3.0.0-0.alpha16.5 +- Fixes system hang issue when booted in FIPS mode (sahana@redhat.com) +- Temporarily disable downstream FIPS patches +- Related: rhbz#1977318 + * Fri Jun 11 2021 Mohan Boddu 3.0.0-0.alpha16.4 - Speeding up building openssl (dbelyavs@redhat.com) Resolves: rhbz#1903209