[GitHub] poi pull request #90: Replace default insecure SHA1 hash algorithm

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[GitHub] poi pull request #90: Replace default insecure SHA1 hash algorithm

zmau-2
GitHub user jornfranke opened a pull request:

    https://github.com/apache/poi/pull/90

    Replace default insecure SHA1 hash algorithm

    Replace default insecure SHA1 hash algorithm with SHA256.
   
    SHA1 has been broken and should not be used anymore for signatures and should not be the default, cf. also https://security.googleblog.com/2016/11/sha-1-certificates-in-chrome.html

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/jornfranke/poi trunk

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/poi/pull/90.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #90
   
----
commit f5917c78864987c3f97050055b03cf5379ce6c69
Author: Jörn Franke <jornfranke@...>
Date:   2018-01-08T22:30:50Z

    Replace default insecure SHA1 hash algorithm
   
    Replace default insecure SHA1 hash algorithm with SHA256

----


---

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[GitHub] poi pull request #90: Replace default insecure SHA1 hash algorithm

zmau-2
Github user asfgit closed the pull request at:

    https://github.com/apache/poi/pull/90


---

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]