Breezy

Replace uses of SHA1 with SHA256

Bug #1698536 reported by Jelmer Vernooij on 2017-06-17

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Breezy	Triaged	Medium	Unassigned

SHA1 is insecure (https://www.schneier.com/blog/archives/2005/02/sha1_broken.html); we should replace all uses of it in Bazaar with something more secure. SHA256?

Tags:

Jelmer Vernooij (jelmer) on 2017-06-20

tags:

added: new-format

Jelmer Vernooij (jelmer) on 2017-06-21

tags:

added: next-format

Jelmer Vernooij (jelmer) on 2017-06-22

Changed in brz:
milestone:	3.0.0 → none

Jelmer Vernooij (jelmer) on 2018-03-29

tags:

added: bzr-format

Revision history for this message

Aaron Bentley (abentley) wrote on 2018-10-05:

David Timothy Strauss, (who seems to be a Breezy fan), thinks that sha512 should be used instead of sha256: https://medium.com/@davidtstrauss/stop-using-sha-256-6adbb55c608

Jelmer Vernooij (jelmer) on 2019-04-06

Changed in brz:
importance:	High → Medium

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Bug watches keep track of this bug in other bug trackers.