[Bug 2107773] Re: [SRU] Enabling FIPS causes SALT to be 8 bytes, but OpenSSL 3.0.2 checks if SALT is < 16 bytes, breaking Dovecot and possibly other packages.

Launchpad Bug Tracker Thu, 13 Nov 2025 09:41:12 -0800

This bug was fixed in the package dovecot - 1:2.3.16+dfsg1-3ubuntu2.6

---------------
dovecot (1:2.3.16+dfsg1-3ubuntu2.6) jammy; urgency=medium


  * Update PBKDF2 salt length to be FIPS 140-3 compliant (LP: #2107773).
    - d/p/fips-pbkdf2-fix-invalid-salt-length.patch
    - d/p/fix-leaking-virtual-mailbox.patch: removed patch,
      failed validation (LP: 1992848)

dovecot (1:2.3.16+dfsg1-3ubuntu2.5) jammy; urgency=medium

  * Re-introduce fix from 1:2.3.16+dfsg1-3ubuntu2.3:
    - d/p/fix-leaking-virtual-mailbox.patch: Fix leak/crash when failing to
      open virtual mailboxes.
      (LP: #1992848)

 -- Eric Berry <[email protected]>  Thu, 06 Nov 2025 12:28:40
+0100

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107773

Title:
  [SRU] Enabling FIPS causes SALT to be 8 bytes, but OpenSSL 3.0.2
  checks if SALT is < 16 bytes, breaking Dovecot and possibly other
  packages.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/2107773/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2107773] Re: [SRU] Enabling FIPS causes SALT to be 8 bytes, but OpenSSL 3.0.2 checks if SALT is < 16 bytes, breaking Dovecot and possibly other packages.

Reply via email to