@ecole36 To clarify, it is not OpenSSL that requires the 16 bytes, it is the FIPS certification that requires the 16 bytes. So disable the 16 byte requirement and you're no longer FIPS certified.
To fully answer your question, we really need someone from Field Support that knows how to configure and run Dovecot to put together a procedure and test it out so that we can have a documented way to upgrade. My expertise is the OpenSSL side and I had to learn just enough about Dovecot to run the basic tests to pass the build. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2107773 Title: [SRU] Enabling FIPS causes SALT to be 8 bytes, but OpenSSL 3.0.2 checks if SALT is < 16 bytes, breaking Dovecot and possibly other packages. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/2107773/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
