Fix a FIXME in the openssl.cnf(5) manpage

Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-04-20 15:47:37 +02:00 · 2022-04-20 15:47:37 +02:00 · 0eaa0014c9
parent 0967bb5953
commit 0eaa0014c9
2 changed files with 2 additions and 1 deletions
--- a/0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch
+++ b/0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch
@ -86,7 +86,7 @@ index 0c9110d28a..02e7ca706f 100644
 
 +Note that enabling B<rh-allow-sha1-signatures> will allow TLS signature
 +algorithms that use SHA1 in security level 1, despite the definition of
-+security level 1 of FIXME bits of security, which SHA1 does not meet.  This
+security level 1 of 80 bits of security, which SHA1 does not meet.  This
 +allows using SHA1 in TLS in the LEGACY crypto-policy on Fedora without
 +requiring to set the security level to 0, which would include further insecure
 +algorithms.
--- a/openssl.spec
+++ b/openssl.spec
@ -405,6 +405,7 @@ install -m644 %{SOURCE9} \
 %changelog
 * Wed Apr 20 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.2-3
 - Disable SHA-1 by default in ELN using the patches from CentOS
+- Fix a FIXME in the openssl.cnf(5) manpage

 * Thu Apr 07 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.2-2
 - Silence a few rpmlint false positives.