Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-4929

UBI8 image has outdated python39-cryptography; required usage for FIPS-140

XMLWordPrintable

    • None
    • None
    • sst_idm_ipa
    • ssg_idm
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • If docs needed, set a value
    • None

      Description of problem:
      UBI8 image ships with an older python-cryptography. Needs updating to cryptography 39.0.0 or greater.

      Version-Release number of selected component (if applicable):
      3.3.1

      How reproducible:

      • Simply use the UBI8 image and install package python39-cryptography.

      Steps to Reproduce:
      1. Create docker image from UBI8 (ex. FROM registry.access.redhat.com/ubi8/ubi-minimal)
      2. dnf install python39-cryptography
      3. grep -r -H "unsafe_skip_rsa_key_validation" /usr/lib64/python3.9/site-packages/cryptography

      Actual results:
      No grep results since "unsafe_skip_rsa_key_validation" became available in cryptography 39.0.0

      Expected results:
      grep results -
      hazmat/primitives/asymmetric/rsa.py: unsafe_skip_rsa_key_validation: bool = False,
      hazmat/primitives/asymmetric/rsa.py: self, unsafe_skip_rsa_key_validation
      ...etc...

      Additional info:

            cheimes@redhat.com Christian Heimes
            jira-bugzilla-migration RH Bugzilla Integration
            Kaleemullah Siddiqui Kaleemullah Siddiqui
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: