** Description changed: In Ubuntu we provide a cryptographic core based on a small set of packages that we FIPS certify [0]. Applications and libraries should not bundle their own crypto code but should use the cryptographic core to benefit from the certification, but also importantly to reduce bugs due - to small cryptographic libraries that are not monitored for low level - crypto CVEs. This bug is to change libkrb5 to use the openssl crypto - code instead of bundling its own on the next ubuntu release. + to small cryptographic libraries that researchers may not be verifying + crypto vulnerabilities at. This bug is to change libkrb5 to use the + openssl crypto code instead of bundling its own on the next ubuntu + release. [0]. https://ubuntu.com/security/fips
** Description changed: In Ubuntu we provide a cryptographic core based on a small set of packages that we FIPS certify [0]. Applications and libraries should not bundle their own crypto code but should use the cryptographic core to benefit from the certification, but also importantly to reduce bugs due - to small cryptographic libraries that researchers may not be verifying - crypto vulnerabilities at. This bug is to change libkrb5 to use the + to small cryptographic libraries that that are not studied as much as + more popular counterparts. This bug is to change libkrb5 to use the openssl crypto code instead of bundling its own on the next ubuntu release. [0]. https://ubuntu.com/security/fips -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1943530 Title: link libkrb5 with openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1943530/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs