[Openstack-security] [openstack/keystone] SecurityImpact review request change I9e42c9bafc307ba1334fa641bab76f251722044d
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Wed Aug 27 22:47:07 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/117367
Log:
commit 17067dc384307d6a8649d283c4efb6c6518094ed
Author: Brant Knudson <bknudson at us.ibm.com>
Date: Wed Aug 27 17:11:06 2014 -0500
Change the default digest for pki/ssl_setup to sha256
The default digest was `default`, which meant that the digest was the
openssl default of sha1. The default setting should be a SHA2
algorithm since this meets current security standards.
This is for security hardening.
SecurityImpact
DocImpact
The `default_message_digest` configuration options now default to
`sha256` instead of `default`.
Change-Id: I9e42c9bafc307ba1334fa641bab76f251722044d
Related-Bug: #1362343
More information about the Openstack-security
mailing list