Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-542

Deprecate SHA-1 algorithm from mariadb-connector-c

    XMLWordPrintable

Details

    • New Feature
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • None
    • None
    • Security
    • None

    Description

      NOTE: The description is copied from MDEV-25372

      This ticket is an RFE to remove usage of SHA1 in MariaDB components if possible.

      The SHA-1 algorithm is weakening over time and it is not considered secure anymore for cryptography use cases.

      We are packaging MariaDB as part of the RHEL-9 and it is going to be supported for 10 years at least and during that time we need to make sure all components still comply with security standards.
      That is why we want to avoid using weak cryptographic algorithms (SHA-1 in this case).

      We realize this might require a substantial amount of work, but would like to know your perspective on this.

      Attachments

        Issue Links

          Activity

            People

              georg Georg Richter
              ljavorsk Lukas Javorsky
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.