[Bug 95001] Re: Please provide FIPS compliant version
Seth Arnold
95001 at bugs.launchpad.net
Mon Dec 30 03:34:26 UTC 2013
Related: http://marc.info/?l=openssl-announce&m=138747119822324&w=2 --
in short, flaws found in Dual EC DRBG in the FIPS-validated code
demonstrates that the code is under-used and fixing even fairly obvious
flaws isn't allowed.
I'm not keen on turning on OpenSSL's FIPS modes in our releases.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/95001
Title:
Please provide FIPS compliant version
Status in “openssl” package in Ubuntu:
Triaged
Bug description:
Binary package hint: openssl
It should be considered to supply the FIPS validated version of
OpenSSL unless there are major disadvantages to this version.
http://www.oss-institute.org/
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/95001/+subscriptions
More information about the foundations-bugs
mailing list