[MDEV-12701] ACL secured by SHA1 algorithm too weak/out dated - Jira

Details

Type: Task
Status: Closed (View Workflow)
Priority: Critical
Resolution: Duplicate
Fix Version/s: 10.1.22, 10.2.5
Component/s: Authentication and Privilege System, Plugins
Labels:
- PCI
- audit
- sha1

Description

SHA1 is known as unsecure/weak.
There should be a secure hashing alternative.

PCI Certified Enterprises can expect problems with auditing.

https://www.heise.de/security/meldung/Todesstoss-Forscher-zerschmettern-SHA-1-3633589.html
https://shattered.it/

Attachments

Issue Links

is duplicated by

MDEV-12160 Modern alternative to the SHA1 authentication plugin

Closed

Activity

People

Assignee:

Sergei Golubchik

Reporter:

Adam Kubina

Votes:

0 Vote for this issue

Watchers:

3 Start watching this issue

Dates

Created:

2017-05-05 09:23

Updated:

2017-05-05 12:35

Resolved:

2017-05-05 12:34