[Openstack-security] [openstack/python-keystoneclient] SecurityImpact review request change Ie19d093d0494443ce4cd880ae1f92dffd5c361ef
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Thu Oct 30 01:12:53 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/117372
Log:
commit a6848b4667ee4f2ee1e2b6642a7ba36aabefdbd0
Author: Brant Knudson <bknudson at us.ibm.com>
Date: Wed Aug 27 17:53:41 2014 -0500
token signing support alternative message digest
The functions for creating signed tokens in common.cms always used
sha256 for the message digest. This might be inadequate in the future
so the digest algorithm shouldn't be hard-coded. A parameter is added
to allow choosing a different digest algorithm.
SecurityImpact
Change-Id: Ie19d093d0494443ce4cd880ae1f92dffd5c361ef
Related-Bug: #1362343
More information about the Openstack-security
mailing list