Project

General

Profile

Actions

Bug #26119

closed

puppet-certs uses md5 internally to check for difference between expected and actual certs (might break in FIPS)

Added by Ivan Necas almost 5 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Foreman modules
Target version:
Difficulty:
Triaged:
No
Found in Releases:

Description

There is 0 security implication of this issue and it doesn't break with puppet in FIPS either, as
by default, puppet is statically linked with their openssl distribution. We should however
not consciously use md5 and other non-FIPS compliant algorithms.

Actions #1

Updated by The Foreman Bot almost 5 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/puppet-certs/pull/246 added
Actions #2

Updated by Ewoud Kohl van Wijngaarden almost 5 years ago

  • Status changed from Ready For Testing to Closed
  • Target version set to 1.22.0
  • Fixed in Releases 1.22.0 added
Actions #3

Updated by Ewoud Kohl van Wijngaarden almost 5 years ago

  • Fixed in Releases 1.20.3, 1.21.1 added
Actions #4

Updated by Ewoud Kohl van Wijngaarden over 4 years ago

  • Fixed in Releases deleted (1.20.3)

This was released as puppet-certs 4.4.3 but Katello 3.10 includes 4.4.2. There likely won't be a Katello 3.10.2 to include this.

Actions

Also available in: Atom PDF