[Openstack-security] [Bug 1348339] Re: Use of weak MD5 algorithm
Robert Clark
1348339 at bugs.launchpad.net
Tue Jul 29 07:04:03 UTC 2014
+1 to Bryan and Eric
Many enterprise customers are requesting to see our crypto audits -
there's only so many times you can explain "Yes, but, MD5 is pretty much
o.k in this context" before you start looking silly.
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1348339
Title:
Use of weak MD5 algorithm
Status in OpenStack Security Advisories:
Won't Fix
Status in Openstack Database (Trove):
Triaged
Bug description:
The file: trove/trove/guestagent/strategies/storage/swift.py line 54
uses a weak hashing algorithm, MD5. It would be pretty simple
hardening upgrade to use at least hashlib.SHA256.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ossa/+bug/1348339/+subscriptions
More information about the Openstack-security
mailing list