-
Bug
-
Resolution: Unresolved
-
Major
-
rhel-9.7
-
crypto-policies-20250905-1.git377cc42.el9_7
-
No
-
Moderate
-
1
-
rhel-security-crypto-spades
-
30
-
None
-
False
-
False
-
-
Yes
-
Crypto25September
-
Approved Exception
-
-
Requested
-
Enabled
-
Automated
-
Known Issue
-
(please refer to and keep in sync with https://issues.redhat.com/browse/RHEL-112392)
-
Proposed
-
Unspecified
-
Unspecified
-
Unspecified
-
None
With current behaviour of RHEL-9.7 pqrpm, verification of dual-signed RPM packages fails if some of the algorithms is disabled in crypto-policies.
To prevent breaking the system, we need to enable PQ algorithms in all rpm-sequoia crypto policies before the proper fix is introduced (see the epic for high level plan).
- blocks
-
RHEL-112701 remove workaround for allowing PQ signatures in all rpm-sequoia crypto-policies (RHEL-9)
-
- Planning
-
- links to
-
RHBA-2025:150605 crypto-policies bug fix and enhancement update