<div class="container">
<h1>Recommended update for crypto-policies</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-RU-2026:21105-1</td>
</tr>
<tr>
<th>Release Date:</th>
<td>2026-04-13T13:10:36Z</td>
</tr>
<tr>
<th>Rating:</th>
<td>moderate</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1252696">bsc#1252696</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1253025">bsc#1253025</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">SUSE Linux Micro 6.2</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that has two fixes can now be installed.</p>
<h2>Description:</h2>
<p>This update for crypto-policies fixes the following issues:</p>
<ul>
<li>Fix the testsuite:<ul>
<li>Port all the policy changes to the config files in the test suite.</li>
<li>Use the newly introduced SKIP_LINTING=1 option.</li>
</ul>
</li>
<li>Adapt the manpages to SUSE/openSUSE:<ul>
<li>Add crypto policies SUSE manpages</li>
<li>Compress all the man pages for update-crypto-policies.8.gz,
crypto-policies.7.gz, fips-finish-install.8.gz and
fips-mode-setup.8.gz into man-crypto-policies.tar.xz</li>
</ul>
</li>
<li>Update to version 20250714.cd6043a: (bsc#1253025, bsc#1252696)<ul>
<li>gnutls: enable ML-DSA, for both secure-sig and secure-sig-for-cert</li>
<li>python, policies, tests: alias X25519-MLKEM768 to MLKEM768-X25519</li>
<li>FIPS: disable MLKEM768-X25519 for openssh (no-op)</li>
<li>FIPS: deprioritize X25519-MLKEM768 over P256-MLKEM768 for openssl...</li>
<li>TEST-PQ: be more careful with the ordering</li>
<li>openssl: send one PQ and one classic key_share; prioritize PQ groups</li>
<li>sequoia: Generate AEAD policy</li>
<li>Do not include EdDSA in FIPS policy</li>
<li>sequoia: Add PQC algorithm</li>
<li>sequoia: Run tests against PQC capable policy-config-check</li>
<li>Revert "openssl, policies: implement group_key_share option"</li>
<li>openssl, policies: implement group_key_share option</li>
<li>FIPS: enable hybrid ML-KEM (TLS only) and pure ML-DSA</li>
<li>python/build-crypto-policies: output diffs on --test mismatches</li>
<li>sequoia, rpm-sequoia: use ignore_invalid with sha3, x25519, ...</li>
<li>policies, alg_lists, openssl: remove KYBER from allowed values</li>
<li>openssl: stricter enabling of Ciphersuites</li>
<li>openssl: make use of -CBC and -AESGCM keywords</li>
<li>openssl: add TLS 1.3 Brainpool identifiers</li>
<li>fix warning on using experimental key_exchanges</li>
<li>update-crypto-policies: don't output FIPS warning in fips mode</li>
<li>openssh: map mlkem768x25519-sha256 to KEM-ECDH and MLKEM768-X25519 and SHA2-256</li>
<li>openssh, libssh: refactor kx maps to use tuples</li>
<li>alg_lists: mark MLKEM768/SNTRUP kex experimental</li>
<li>nss: revert enabling mlkem768secp256r1</li>
<li>nss: add mlkem768x25519 and mlkem768secp256r1, remove xyber</li>
<li>gnutls: add GROUP-X25519-MLKEM768 and GROUP-SECP256R1-MLKEM768</li>
<li>openssl: use both names for SecP256r1MLKEM768 / X25519MLKEM768</li>
<li>openssh, TEST-PQ: rename MLKEM key_exchange to MLKEM768</li>
<li>openssh: add support for sntrup761x25519-sha512 and mlkem768x25519-sha256</li>
<li>LEGACY: enable 192-bit ciphers for nss pkcs12/smime</li>
<li>openssl: map NULL to TLS_SHA256_SHA256:TLS_SHA384_SHA384...</li>
<li>nss: be stricter with new purposes</li>
<li>python/update-crypto-policies: pacify pylint</li>
<li>fips-mode-setup: tolerate fips dracut module presence w/o FIPS</li>
<li>fips-mode-setup: small Argon2 detection fix</li>
<li>SHA1: add __openssl_block_sha1_signatures = 0</li>
<li>fips-mode-setup: block if LUKS devices using Argon2 are detected</li>
<li>update-crypto-policies: skip warning on --set=FIPS if bootc</li>
<li>fips-setup-helper: skip warning, BTW</li>
<li>fips-mode-setup: force --no-bootcfg when UKI is detected</li>
<li>fips-crypto-policy-overlay: automount FIPS policy</li>
<li>nss: rewrite backend for 3.101</li>
<li>cryptopolicies: parent scopes for dumping purposes</li>
<li>policygenerators: move scoping inside generators</li>
<li>openssh: make dss no longer enableble, support is dropped</li>
<li>gnutls: wire GROUP-X25519-KYBER768 to X25519-KYBER768</li>
<li>TEST-PQ: disable pure Kyber768</li>
<li>DEFAULT: switch to rh-allow-sha1-signatures = no...</li>
<li>java: drop unused javasystem backend</li>
<li>java: stop specifying jdk.tls.namedGroups in javasystem</li>
<li>ec_min_size: introduce and use in java, default to 256</li>
<li>java: use and include jdk.disabled.namedCurves</li>
<li>BSI: Update BSI policy for new 2024 minimum recommendations</li>
<li>fips-mode-setup: flashy ticking warning upon use</li>
<li>fips-mode-setup: add another scary "unsupported"</li>
<li>BSI: switch to 3072 minimum RSA key size</li>
<li>java: make hash, mac and sign more orthogonal</li>
<li>java: specify jdk.tls.namedGroups system property</li>
<li>java: respect more key size restrictions</li>
<li>java: disable anon ciphersuites, tying them to NULL...</li>
<li>java: start controlling / disable DTLSv1.0</li>
<li>nss: wire KYBER768 to XYBER768D00</li>
</ul>
</li>
<li>Update to version 20250425.9267dee:<ul>
<li>openssl: fix mistakes in integrity-only cipher definitions</li>
<li>NO-PQ, cryptopolicies: add experimental value suppression</li>
<li>nss: add mlkem768x25519 and mlkem768secp256r1</li>
<li>gnutls: 'allow-rsa-pkcs1-encrypt = false' everywhere but in LEGACY</li>
<li>TEST-PQ, openssh: add support for MLKEM768 key_exchange</li>
<li>LEGACY: drop cipher@pkcs12 = SEED-CBC</li>
<li>fips-crypto-policy-overlay: automount FIPS policy, follow-up fixes</li>
<li>nss: TLS-REQUIRE-EMS in FIPS</li>
<li>DEFAULT: disable RSA key exchange</li>
<li>LEGACY: disable sign = *-SHA1</li>
<li>nss: wire XYBER768D00 to X25519-KYBER768, not KYBER768</li>
</ul>
</li>
<li>Add the FIPS scripts fips-finish-install and fips-mode-setup as
sources in the spec file as they have been removed upstream.<ul>
<li>We will maintain these scripts downstream.</li>
<li>Update the man pages for update-crypto-policies.8.gz</li>
<li>Add crypto policies FIPS output</li>
<li>Add man pages in text file in compressed form in the file
man-fips-scripts.tar.xz and add them to the Makefile.</li>
</ul>
</li>
<li>Update to version 20250324.3714354:<ul>
<li>NO-PQ: introduce</li>
<li>LEGACY/DEFAULT/FUTURE: enable hybrid ML-KEM and pure ML-DSA</li>
<li>_openssl_block_sha1_signatures: flip the default to 1</li>
<li>sequoia: add sha3, x25519, ed25519, x448, ed448, but not for rpm-sequoia</li>
<li>sequoia: refactor a bit</li>
<li>openssl: specify default key size for req</li>
<li>gnutls: support P384-MLKEM1024</li>
<li>openssl: stop generating <code>openssl</code> in favour of <code>opensslcnf</code></li>
<li>gnutls: drop kyber (switching to leancrypto took it away)</li>
<li>openssl: use both names for P384-MLKEM1024</li>
<li>Detect the presence of nss-policy-check</li>
<li>Don't use hardcoded python3 path</li>
<li>Make xsltproc settable as XSLTPROC</li>
<li>python/cryptopolicies/validation/scope.py: fix new ruff rule RUF021</li>
<li>Update the info in the README.SUSE file</li>
<li>Remove the FEDORA policies and directories</li>
</ul>
</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
SUSE Linux Micro 6.2
<br/>
<code>zypper in -t patch SUSE-SL-Micro-6.2-544=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
SUSE Linux Micro 6.2 (noarch)
<ul>
<li>crypto-policies-scripts-20250714.cd6043a-160000.1.1</li>
<li>crypto-policies-20250714.cd6043a-160000.1.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1252696">https://bugzilla.suse.com/show_bug.cgi?id=1252696</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1253025">https://bugzilla.suse.com/show_bug.cgi?id=1253025</a>
</li>
</ul>
</div>