[#CONC-542] Deprecate SHA-1 algorithm from mariadb-connector-c

[CONC-542] Deprecate SHA-1 algorithm from mariadb-connector-c Created: 2021-04-08 Updated: 2023-10-30
Status:	Open
Project:	MariaDB Connector/C
Component/s:	Security
Affects Version/s:	None
Fix Version/s:	None

Type:

New Feature

Priority:

Major

Reporter:

Lukas Javorsky

Assignee:

Georg Richter

Resolution:

Unresolved

Votes:

Labels:

None

Issue Links:

PartOf
is part of	MDEV-25372	Deprecate SHA-1 algorithm from mariad...	Open

Description

NOTE: The description is copied from MDEV-25372

This ticket is an RFE to remove usage of SHA1 in MariaDB components if possible.

The SHA-1 algorithm is weakening over time and it is not considered secure anymore for cryptography use cases.

We are packaging MariaDB as part of the RHEL-9 and it is going to be supported for 10 years at least and during that time we need to make sure all components still comply with security standards.
That is why we want to avoid using weak cryptographic algorithms (SHA-1 in this case).

We realize this might require a substantial amount of work, but would like to know your perspective on this.

Generated at Thu Feb 08 03:06:03 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[CONC-542] Deprecate SHA-1 algorithm from mariadb-connector-c Created: 2021-04-08 Updated: 2023-10-30