aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlexandre Oliva <aoliva@redhat.com>2012-10-10 07:06:03 -0300
committerAlexandre Oliva <aoliva@redhat.com>2012-10-10 07:06:03 -0300
commit89a3ad0b6e7cfd7bc5588e8bbf243e99a0b8562d (patch)
tree217f9fa7dd6cb96edd1067c4b754f3d85675bdda
parente745142509a427ccb9b14ee94ff24f7f36f7f4b6 (diff)
downloadglibc-89a3ad0b6e7cfd7bc5588e8bbf243e99a0b8562d.tar
glibc-89a3ad0b6e7cfd7bc5588e8bbf243e99a0b8562d.tar.gz
glibc-89a3ad0b6e7cfd7bc5588e8bbf243e99a0b8562d.tar.bz2
glibc-89a3ad0b6e7cfd7bc5588e8bbf243e99a0b8562d.zip
* NEWS: Add note about FIPS mode. Wording suggested by Roland
McGrath.
Diffstat
-rw-r--r--ChangeLog5
-rw-r--r--NEWS6
2 files changed, 11 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 98561a2530..b106e0e83b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
2012-10-10 Alexandre Oliva <aoliva@redhat.com>
+ * NEWS: Add note about FIPS mode. Wording suggested by Roland
+ McGrath.
+
+2012-10-10 Alexandre Oliva <aoliva@redhat.com>
+
* crypt/crypt-entry.c: Include fips-private.h.
(__crypt_r, __crypt): Disable MD5 and DES if FIPS is enabled.
* crypt/md5c-test.c (main): Tolerate disabled MD5.
diff --git a/NEWS b/NEWS
index 490e4dca15..4d18638131 100644
--- a/NEWS
+++ b/NEWS
@@ -48,6 +48,12 @@ Version 2.17
the tty file descriptor in /dev/pts or /dev if /proc is not available. This
allows creation of chroots without the procfs mounted on /proc.
+* The `crypt' function now fails if passed salt bytes that violate the
+ specification for those values. On Linux, the `crypt' function will
+ consult /proc/sys/crypto/fips_enabled to determine if "FIPS mode" is
+ enabled, and fail on encrypted strings using the MD5 or DES algorithm
+ when the mode is enabled.
+
Version 2.16
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 17:14:56 +0000