Details
-
New Feature
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
None
-
None
Description
This ticket is an RFE to remove usage of SHA1 in MariaDB components if possible.
The SHA-1 algorithm is weakening over time and it is not considered secure anymore for cryptography use cases.
We are packaging MariaDB as part of the RHEL-9 and it is going to be supported for 10 years at least and during that time we need to make sure all components still comply with security standards.
That is why we want to avoid using weak cryptographic algorithms (SHA-1 in this case).
We realize this might require a substantial amount of work, but we would like to know your perspective on this.
Attachments
Issue Links
- includes
-
CONC-542 Deprecate SHA-1 algorithm from mariadb-connector-c
- Open
- relates to
-
MDEV-25262 include modern checksum in VIEW frm defination (not md5)
- Open