The libkcapi packages includes a new -T option that specifies target file names in hash-sum calculations. This option must be used with the -c option that specifies the HMAC files and overrides the target file names specified in the HMAC file. For example:

$ sha256hmac -c <hmac_file> -T <target_file>

The system-wide cryptographic policies (crypto-policies) can be configured with options that control handling of message authentication codes (MACs) for the SSH protocol. The crypto-policies option ssh_etm is now a tri-state etm@SSH option. The previous ssh_etm option has been deprecated.

You can set ssh_etm to one of the following values:

Ciphers that use implicit MACs are always allowed because they use authenticated encryption.

The semanage fcontext -l -C command is updated to display rules in the file_contexts.local file in the correct order, from oldest to newest, to improve SELinux rule management when using the restorecon command, which processes entries by age.

Several new rules are added to the SELinux policy that confine the following systemd services:

• nvme-stas

• realmd

Services that are affected by this update no longer run with the unconfined_service_t SELinux label, and can run successfully in SELinux enforcing mode.

The SELinux policy includes rules to confine the chronyd-restricted service. The service runs successfully in SELinux enforcing mode.

The SELinux user-space component packages are updated to version 3.6. The following component packages are updated:

• libsepol
• libselinux
• libsemanage
• policycoreutils
• checkpolicy
• mcstrans

Notable changes include:

• Addition of deny rules in SELinux Common Intermediate Language (CIL)
• Addition of notself and other keywords in CIL.
• New getpolicyload utility that prints the number of policy reloads.

The gnutls package is updated to version 3.8.3. Notable changes include:

• The gnutls_hkdf_expand function only accepts arguments with lengths less than or equal to 255 times hash digest size, to comply with RFC 5869 2.3.
• Length limit for TLS PSK usernames has been increased to 65535 characters.
• The gnutls_session_channel_binding API function performs further checks when GNUTLS_CB_TLS_EXPORTER is requested according to RFC9622 4.2.
• The GNUTLS_NO_STATUS_REQUEST flag and the %NO_STATUS_REQUEST priority modifier are added so that the status_request TLS extension can be disabled on the client side.
• GnuTLS ensures that the contents of the Change Cipher Spec message is equal to 1 when the TLS version is older than 1.3.
• TLS extensions in ClientHello messages are shuffled to harden fingerprinting.
• GnuTLS can perform EdDSA key generation on PKCS #11 tokens.

The nettle package is updated to version 3.9.1. Notable changes include:

• Includes Balloon password hashing.
• Includes SM4 block cipher.
• Includes SIV-GCM authenticated encryption mode.
• Includes OCB authenticated encryption mode.
• New exported functions md5_compress, sha1_compress, sha256_compress, sha512_compress.
• Improved performance of the SHA-256 hash function for x86_64 platforms.
• Improved performance of the Poly1305 hash function for x86_64 platforms.

OpenSSL uses the fips.so shared library as a FIPS provider. With this update, the latest version of fips.so submitted to the National Institute of Standards and Technology (NIST) for certification is shipped in a separate openssl-fips-provider package. This package ensures that future versions of OpenSSL use certified code or code undergoing certification.

The OpenSSL TLS toolkit provides more atomic integration with provider APIs for installation and configuration of modules that provide cryptographic algorithms. Provider-specific configuration can be defined in separate .conf files in the /etc/pki/tls/openssl.d directory.

The p11-kit package is updated to version 0.25.3 and includes the p11-kit tool for managing PKCS#11 modules, the trust tool for operating on the trust policy store, and the p11-kit library. Notable changes include:

• Added integration with PKCS#11 version 3.0

• The pkcs11.h header file:

  • Added ChaCha20/Salsa20, and Poly1305 mechanisms and attributes

  • Added AES-GCM mechanism parameters for message-based encryption

• The p11-kit tool:

  • Added commands to list and manage objects of a token (list-tokens, list-mechanisms, list-objects, import-object, export-object, delete-object, and generate-keypair)

  • Added commands to manage PKCS#11 profiles of a token (list-profiles, add-profile, and delete-profile)

  • Added the print-config command for printing merged configuration

• The trust tool:

  • Added the check-format command to check the format of .p11-kit files

The libkcapi library is updated to version 1.4.0. Notable changes include:

• Added the sm3sum and sm3hmac tools.

• Added the kcapi_md_sm3 and kcapi_md_hmac_sm3 APIs.

• Added SM4 convenience functions.

• Added link-time optimization (LTO ) and LTO regression testing

• Fixed support for AEAD encryption of an arbitrary size with kcapi-enc.

OpenSSH now uses the sysusers.d format to declare system users. Previously, static useradd scripts were used for this purpose.

OpenSSH artificially delays responses after login failure to prevent user enumeration attacks. An upper limit on artificial delays is applied when remote authentication takes too long, for example in privilege access management (PAM) processing.

The stunnel TLS/SSL tunneling service is updated to version 5.71.

Notable changes include:

• Integration with latest PostgreSQL clients.

• New protocolHeader service-level option to insert custom connect protocol negotiation headers for software impersonation.

• New protocolHost option to control the client SMTP protocol negotiation HELO/EHLO value.

• New client-side protocol = ldap availability.

• New sessionResume service-level option to control whether a session can be resumed.

• Extended option to request client certificates in server mode with CApath or CAfile.

• Improved file reading and logging performance.

• Added a configurable delay for the retry option.

• OCSP stapling is requested and verified when verifyChain is set in client mode.

• OCSP stapling is always available in server mode.

• Inconclusive OCSP verification breaks TLS negotiation. You can disable this by setting OCSPrequire = no.

The audit package is updated to version 3.1.2. Notable changes include:

• The auparse library now interprets unnamed and anonymous sockets.

• Added keyword, this-hour, to the ausearch and aureport command start and end options.

• Added user friendly keywords for signals to the auditctl command.

• The auparse command is hardened to better handle corrupt logs.

• The ProtectControlGroups option is disabled by default in the auditd service.

• Rule checking for the exclude filter is fixed.

• OPENAT2 field interpretation is improved.

• The audispd af_unix plugin is moved to a standalone program.

• The Python binding is updated to disable setting Audit rules from the Python API to resolve an issue in the Simplified Wrapper and Interface Generator (SWIG).

• Added io_uring asynchronous I/O API capability.

Rsyslog is updated to version 8.2310. Notable changes include:

• Customizable TLS/SSL encryption settings

  Rsyslog includes features to configure unique TLS/SSL settings for each connection, including specifying different CA certificates, private keys, public keys, and CRL files for enhanced security and flexibility. For more information and usage, see documentation provided in the rsyslog-doc package.

• Improved capability dropping

  Rsyslog includes new global options to define behavior when dropping capabilities:

  • libcapng.default: Defines how Rsyslog behaves when errors are returned while dropping capabilities. The default value is on, which causes Rsyslog to exit if an error related to libcapng occurs.

  • libcapng.enable Controls whether Rsyslog drops capabilities during startup. If this option is disabled, libcapng.default has no impact and capability dropping is disabled.

The opencryptoki package is updated to version 3.22.0. Notable changes include:

• The AES-XTS key type can be used with the CPACF protected keys.

• Certificate object management.

• A no-login option to create public sessions.

• Authentication as the Security Officer (SO).

• Capability to import and export the Edwards and Montgomery keys.

• Capability to import RSA-PSS keys and certificates.

• Validation that the keys AES-XTS are different when they're created or imported.

Updates to the SCAP Security Guide include the following notable changes:

• Bash remediations are fixed to handle ISO9660 partitions in the fstab.
• The PCI DSS profile is aligned with the PCI DSS policy version 4.0.
• STIG profiles are aligned with the latest DISA STIG policies.