From: Alexandre Oliva <aoliva@redhat.com>
Date: Wed, 10 Oct 2012 10:06:03 +0000 (-0300)
Subject: * NEWS: Add note about FIPS mode.  Wording suggested by Roland
X-Git-Tag: upstream/2.30~10167
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=89a3ad0b6e7cfd7bc5588e8bbf243e99a0b8562d;p=external%2Fglibc.git

* NEWS: Add note about FIPS mode.  Wording suggested by Roland
McGrath.
---

diff --git a/ChangeLog b/ChangeLog
index 98561a2..b106e0e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
 2012-10-10  Alexandre Oliva <aoliva@redhat.com>
 
+	* NEWS: Add note about FIPS mode.  Wording suggested by Roland
+	McGrath.
+
+2012-10-10  Alexandre Oliva <aoliva@redhat.com>
+
 	* crypt/crypt-entry.c: Include fips-private.h.
 	(__crypt_r, __crypt): Disable MD5 and DES if FIPS is enabled.
 	* crypt/md5c-test.c (main): Tolerate disabled MD5.
diff --git a/NEWS b/NEWS
index 490e4dc..4d18638 100644
--- a/NEWS
+++ b/NEWS
@@ -48,6 +48,12 @@ Version 2.17
   the tty file descriptor in /dev/pts or /dev if /proc is not available.  This
   allows creation of chroots without the procfs mounted on /proc.
 
+* The `crypt' function now fails if passed salt bytes that violate the
+  specification for those values.  On Linux, the `crypt' function will
+  consult /proc/sys/crypto/fips_enabled to determine if "FIPS mode" is
+  enabled, and fail on encrypted strings using the MD5 or DES algorithm
+  when the mode is enabled.
+
 
 Version 2.16