Munguva pfupi yapfuura nhau dzakaburitswa nevagadziri veFedora chirongwa uye ndezvekuti vakazivisa chirongwa chekudzima rutsigiro rweSHA-1 siginecha yedhijitari yekuburitswa kwe "Fedora Linux 39".
Zvinonzi chirongwa chekudzima masiginecha chinoreva kubvisa kuvimba mumasiginecha anoshandisa SHA-1 hashes (SHA-224 ichaziviswa seyakanyanya kubvumidzwa mumasiginecha edhijitari), asi kuchengeta rutsigiro rweHMAC neSHA-1 uye nekupa kugona kugonesa iyo LEGACY mbiri neSHA-1.
Chikonzero chikuru nei vagadziri veFedora vasvika pamhedziso iyi ndechekuti kupera kwerutsigiro rweSHA-1 yakavakirwa masiginecha. imhaka yekuwedzera kwekubudirira kwekurovera kurwisa nechivakashure chakapihwa (mutengo wekusarudza kudhumhana unofungidzirwa pamakumi emakumi ezviuru zvemadhora). Pamusoro peiyo mumabhurawuza, zvitupa zvakatenderwa uchishandisa iyo SHA-1 algorithm yakamisikidzwa seisina kuchengetedzeka kubva pakati pa2016.
Shanduko huru panguva ino ichave yekusavimba neSHA-1 siginecha.
paiyo cryptographic library level, inokanganisa zvinopfuura TLS chete.OpenSSL ichatanga kuvharira kusikwa uye kusimbiswa kwemasaini nekusarudzika,
nekunaya kwemvura kunenge kwakaringana
kuti isu tiite shanduko kuburikidza nematenderedzwa akawanda
nezviziviso zvakawanda
kupa vanogadzira uye vanochengeta nguva yakakwana yekuita.
Zvakakodzera kutaura kuti mushure mekushandisa shanduko dzakatsanangurwa, raibhurari yeOpenSSL inozovhara chizvarwa uye kusimbiswa kwemasaini neSHA-1.
Deactivation inorongwa kuti iitwe mumatanho akati wandei, sezviri muFedora Linux 36 uye 37 kuburitswa, SHA-1 yakavakirwa masiginecha ichabviswa kubva ku "FUTURE" mutemo, pamwe ndinoronga kupa bvunzo mutemo TEST-FEDORA39 kudzima SHA-1 pachikumbiro chemushandisi (update -crypto-policy - set TEST-FEDORA39), paunenge uchigadzira uye uchisimbisa SHA-1 yakavakirwa masiginecha, yambiro icharatidzwa murogi.
YeFedora 39, iyo marongero ichave, mune TLS maonero:
NHAU
MAC: ese maHMAC ane SHA1 kana yepamusoro + ese azvino MACs (Poly1305, nezvimwewo)
Curves: ese maprimes> = 255 bits (kusanganisira Bernstein curves)
Siginecha algorithms: SHA-1 hashi kana zvirinani (hapana DSA)
Ciphers: zvese zviripo> 112-bit kiyi,>= 128-bit block (hapana RC4 kana 3DES)
Kuchinjana kwakakosha: ECDHE, RSA, DHE (pasina DHE-DSS)
DH paramende saizi: > = 2048
RSA Parameter Size:>=2048
TLS mitemo: TLS> = 1.2
Mushure meizvozvo, panguva ye pre-beta kuburitswa kweFedora Linux 38, iyo repository ichange iine mutemo unopesana neSHA-1 siginecha, asi shanduko iyi haizoshande kune beta uye kuburitswa kweFedora Linux 38. Nekuburitswa kweFedora Linux 39, iyo SHA-1 siginicha yekubvisa mutemo inozoshandiswa nekusingaperi.
Hurongwa uhu husati hwaongororwa neFESCo (Fedora Engineering Steering Committee), iyo inobata chikamu chehunyanzvi chekuvandudza kwekugovera kweFedora.
Ukuwo, Izvo zvakakoshawo kuwedzera kuti muRed Hat yayambirwa nezve kupera kwekutsigirwa kweGTK 2 raibhurari, kutanga nebazi rinotevera reRed Hat Enterprise Linux.
Iyo gtk2 package haizosanganisirwe muRHEL 10 kuburitswa, iyo inongotsigira GTK 3 uye GTK 4. GTK 2 yakabviswa nekuda kwekuderedzwa kweiyo toolset uye kushaikwa kwekutsigirwa kwehunyanzvi hwemazuva ano seWayland, HiDPI, uye HDR.
Iyo kiti yekushandisa yatiitira nekutenda, asi yave kutanga kuratidza zera rayo maererano neazvino matekinoroji seWayland, HiDPI kuratidza, HDR, uye mamwe.
Zvirongwa zvinoramba zvakasungwa kuGTK 2, zvakadai seGIMP neArdour, zvinotarisirwa kuva nenguva yekutamira kumatavi matsva eGTK pamberi pe2025, iyo inotarisirwa kusunungura RHEL 10. MuBuntu 22.04, 504 mapakeji anoshandisa libgtk2 seanotsamira.
Chikonzero chekutaura izvi ndechekuti shanduko yakadai inopedzisira yaitwa mune dzimwe shanduro dzinotevera dzeFedora.
Finalmente kana iwe uchifarira kuziva zvakawanda nezvazvo nezve runyorwa rwekuchinja kwakarongwa pakuremara kwemasiginecha, unogona kubvunza iwo ruzivo mu inotevera chinongedzo.