https://bugzilla.suse.com/show_bug.cgi?id=1205789 https://bugzilla.suse.com/show_bug.cgi?id=1205789#c4 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |IN_PROGRESS --- Comment #4 from Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> --- (In reply to Dominique Leuenberger from comment #3)

(In reply to Pedro Monreal Gonzalez from comment #1)

...

Yes, MD5 is not FIPS an approved hash algorithm, its non-FIPS compliant. I understand that these set of tests are run in FIPS mode, right? If that's the case, these test should be adapted to not use MD5.

Keep in mind: the test did not change in quite some time and passed (so either it wrongly accepted MD5 in fips mode or some code change is responsible)

The snapshot first showing the error was the one where libgcrypt was updated to 1.10.1 (sr#1038228)

Yes, MD5 has been marked as non approved in FIPS mode for 1.10.x. This has been done in the context of the FIPS 140-3 adaption of the code. For reference, here is the upstream commit: * https://dev.gnupg.org/rCce1cbe16992a7340edcf8e6576973e3508267640 I'm not sure who to assign the bug for further adaption in QA testing script. -- You are receiving this mail because: You are on the CC list for the bug.