{"description": "The <code>crypto-policies</code> package can be installed with the following command:\n<pre>\n$ apt-get install crypto-policies</pre>", "rationale": "Centralized cryptographic policies simplify applying secure ciphers across an operating system and\nthe applications that run on that operating system. Use of weak or untested encryption algorithms\nundermines the purposes of utilizing encryption to protect data.", "severity": "medium", "references": {"ospp": ["FCS_COP.1(1)", "FCS_COP.1(2)", "FCS_COP.1(3)", "FCS_COP.1(4)", "FCS_CKM.1", "FCS_CKM.2", "FCS_TLSC_EXT.1"], "srg": ["SRG-OS-000396-GPOS-00176", "SRG-OS-000393-GPOS-00173", "SRG-OS-000394-GPOS-00174"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "the package is not installed", "ocil": " Run the following command to determine if the <code>crypto-policies</code> package is installed: <pre>$ dpkg -l  crypto-policies</pre>", "oval_external_content": null, "fixtext": "The <code>crypto-policies</code> package can be installed with the following command:\n<pre>\n$ apt-get install crypto-policies</pre>", "checktext": "", "vuldiscussion": "", "srg_requirement": " Ubuntu 22.04 must have the crypto-policies package installed.", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {"stig": {"srg_requirement": "Ubuntu 22.04 must have the crypto-policies package installed.", "vuldiscussion": "Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data.", "checktext": "Verify that the Ubuntu 22.04 crypto-policies package is installed with the following command:\n\n$ dnf list --installed crypto-policies\n\nExample output:\n\ncrypto-policies.noarch          20240828-2.git626aa59.el9_5\n\nIf the crypto-policies package is not installed, this is a finding.", "fixtext": "Install the crypto-policies package (if the package is not already installed) with the following command:\n\n$ sudo dnf -y install crypto-policies"}}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Install crypto-policies package", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml", "template": {"name": "package_installed", "vars": {"pkgname": "crypto-policies"}, "backends": {}}}