Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-25372

Deprecate SHA-1 algorithm from mariadb-server

    XMLWordPrintable

Details

    Description

      This ticket is an RFE to remove usage of SHA1 in MariaDB components if possible.

      The SHA-1 algorithm is weakening over time and it is not considered secure anymore for cryptography use cases.

      We are packaging MariaDB as part of the RHEL-9 and it is going to be supported for 10 years at least and during that time we need to make sure all components still comply with security standards.
      That is why we want to avoid using weak cryptographic algorithms (SHA-1 in this case).

      We realize this might require a substantial amount of work, but we would like to know your perspective on this.

      Attachments

        Issue Links

          includes

          New Feature - A new feature of the product, which has yet to be developed. CONC-542 Deprecate SHA-1 algorithm from mariadb-connector-c

          • Major - Major loss of function.
          • Open
          relates to

          Task - A task that needs to be done. MDEV-25262 include modern checksum in VIEW frm defination (not md5)

          • Major - Major loss of function.
          • Open

          Activity

            People

              Unassigned Unassigned
              ljavorsk Lukas Javorsky
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.