Type: | BUG |
Severity: | NA |
Release Date: | 2024-05-02 |
[3.22.0-3]
- Fix implicit rejection with RSA keys with empty CKA_PRIVATE_EXPONENT
Related: RHEL-22792
[3.22.0-2]
- timing side-channel in handling of RSA PKCS#1 v1.5 padded ciphertexts (Marvin)
Resolves: RHEL-22792
[3.22.0-1]
- Resolves: RHEL-11412, rebase to 3.22.0
- Resolves: RHEL-10569, openCryptoki for PKCS #11 3.0
[3.21.0-8]
- Resolves: #2222592, p11sak tool: slot option does not accept argument 0 for slot index 0
- Resolves: #2222596, p11sak fails as soon as there reside non-key objects
[3.21.0-5]
- add requirement on selinux-policy >= 38.1.14-1 for pkcsslotd policy sandboxing
Related: #2160061
[3.21.0-4]
- add verify attributes for opencryptoki.conf to ignore the verification
Related: #2160061
[3.21.0-3]
- Resolves: #2110497, concurrent MK rotation for cca token
- Resolves: #2110498, concurrent MK rotation for ep11 token
- Resolves: #2110499, ep11 token: PKCS #11 3.0 - support AES_XTS
- Resolves: #2111010, cca token: protected key support
- Resolves: #2160061, rebase to 3.21.0
- Resolves: #2160105, pkcsslotd hardening
- Resolves: #2160107, p11sak support Dilithium and Kyber keys
- Resolves: #2160109, ica and soft tokens: PKCS #11 3.0 - support AES_XTS
[3.19.0-2]
- Resolves: #2044182, Support of ep11 token for new IBM Z Hardware (IBM z16)
[3.19.0-1]
- Resolves: #2126294, opencryptoki fails after generating > 500 RSA keys
- Resolves: #2110314, rebase to 3.19.0
- Resolves: #2110989, openCryptoki key generation with expected MKVP only on CCA and EP11 tokens
- Resolves: #2110476, openCryptoki ep11 token: master key consistency
- Resolves: #2018458, openCryptoki ep11 token: vendor specific key derivation
[3.18.0-4]
- Related: #2044179, do not touch opencryptoki.conf if it is in place already and even if it is unchanged
[3.18.0-3]
- Related: #2044179, fix json output
[3.18.0-2]
- Related: #2044179, add missing strength.conf
[3.18.0-1]
- Resolves: #2044179, rebase to 3.18.0
- Resolves: #2068091, pkcsconf -t failed with Segmentation fault in FIPS mode
- Resolves: #2066763, Dilithium support not available
- Resolves: #2064697, OpenSSL 3.0 Compatibility for IBM Security Libraries and Tools
- Resolves: #2044181, support crypto profiles
- Resolves: #2044180, add crypto counters
[3.17.0-6]
- Resolves: #2066763, Dilithium support not available
[3.17.0-5]
- Resolves: #2064697, ICA/EP11: Support libica version 4
Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
Oracle Linux 9 (aarch64) | opencryptoki-3.22.0-3.el9.src.rpm | 94ac86f816b4f4cfd736a8fc19973d5b | - | ol9_aarch64_baseos_latest |
opencryptoki-3.22.0-3.el9.src.rpm | 94ac86f816b4f4cfd736a8fc19973d5b | - | ol9_aarch64_codeready_builder | |
opencryptoki-3.22.0-3.el9.src.rpm | 94ac86f816b4f4cfd736a8fc19973d5b | - | ol9_aarch64_u4_baseos_base | |
opencryptoki-3.22.0-3.el9.aarch64.rpm | 2e6f9148177b377f3219e67f96ec4197 | - | ol9_aarch64_baseos_latest | |
opencryptoki-3.22.0-3.el9.aarch64.rpm | 2e6f9148177b377f3219e67f96ec4197 | - | ol9_aarch64_u4_baseos_base | |
opencryptoki-devel-3.22.0-3.el9.aarch64.rpm | bb48c9a573a84a51f1c675aae0b266d9 | - | ol9_aarch64_codeready_builder | |
opencryptoki-icsftok-3.22.0-3.el9.aarch64.rpm | 16f0ad689a1c2571fcdffbfea3e45a88 | - | ol9_aarch64_baseos_latest | |
opencryptoki-icsftok-3.22.0-3.el9.aarch64.rpm | 16f0ad689a1c2571fcdffbfea3e45a88 | - | ol9_aarch64_u4_baseos_base | |
opencryptoki-libs-3.22.0-3.el9.aarch64.rpm | 5a618c37489dcb8be85abc9529970862 | - | ol9_aarch64_baseos_latest | |
opencryptoki-libs-3.22.0-3.el9.aarch64.rpm | 5a618c37489dcb8be85abc9529970862 | - | ol9_aarch64_u4_baseos_base | |
opencryptoki-swtok-3.22.0-3.el9.aarch64.rpm | 2580746f0b01a84a1d35cef27dd0649a | - | ol9_aarch64_baseos_latest | |
opencryptoki-swtok-3.22.0-3.el9.aarch64.rpm | 2580746f0b01a84a1d35cef27dd0649a | - | ol9_aarch64_u4_baseos_base | |
Oracle Linux 9 (x86_64) | opencryptoki-3.22.0-3.el9.src.rpm | 94ac86f816b4f4cfd736a8fc19973d5b | - | ol9_x86_64_baseos_latest |
opencryptoki-3.22.0-3.el9.src.rpm | 94ac86f816b4f4cfd736a8fc19973d5b | - | ol9_x86_64_codeready_builder | |
opencryptoki-3.22.0-3.el9.src.rpm | 94ac86f816b4f4cfd736a8fc19973d5b | - | ol9_x86_64_u4_baseos_base | |
opencryptoki-3.22.0-3.el9.x86_64.rpm | 36091880f1a2f052f05eb4f570368d5c | - | ol9_x86_64_baseos_latest | |
opencryptoki-3.22.0-3.el9.x86_64.rpm | 36091880f1a2f052f05eb4f570368d5c | - | ol9_x86_64_u4_baseos_base | |
opencryptoki-devel-3.22.0-3.el9.i686.rpm | 8c129c1fc582b720205c9943afb3f35b | - | ol9_x86_64_codeready_builder | |
opencryptoki-devel-3.22.0-3.el9.x86_64.rpm | 53700ac04739b96902aa7960c9d25c0a | - | ol9_x86_64_codeready_builder | |
opencryptoki-icsftok-3.22.0-3.el9.x86_64.rpm | 14d9f06962f0d8d9d480176879211ff8 | - | ol9_x86_64_baseos_latest | |
opencryptoki-icsftok-3.22.0-3.el9.x86_64.rpm | 14d9f06962f0d8d9d480176879211ff8 | - | ol9_x86_64_u4_baseos_base | |
opencryptoki-libs-3.22.0-3.el9.i686.rpm | 0df7183d1cbada75711526e5f2270d5d | - | ol9_x86_64_baseos_latest | |
opencryptoki-libs-3.22.0-3.el9.i686.rpm | 0df7183d1cbada75711526e5f2270d5d | - | ol9_x86_64_u4_baseos_base | |
opencryptoki-libs-3.22.0-3.el9.x86_64.rpm | 320e650440f368cf74f18e3b2fff0bf8 | - | ol9_x86_64_baseos_latest | |
opencryptoki-libs-3.22.0-3.el9.x86_64.rpm | 320e650440f368cf74f18e3b2fff0bf8 | - | ol9_x86_64_u4_baseos_base | |
opencryptoki-swtok-3.22.0-3.el9.x86_64.rpm | 277bea18fff7a51b271c79701a5a639d | - | ol9_x86_64_baseos_latest | |
opencryptoki-swtok-3.22.0-3.el9.x86_64.rpm | 277bea18fff7a51b271c79701a5a639d | - | ol9_x86_64_u4_baseos_base |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team