[Rpm-maint] [rpm-software-management/rpm] Bump hash for rpmdb cookie to SHA256 to appease FIPS (PR #1906)
Panu Matilainen
notifications at github.com
Mon Jan 31 09:19:03 UTC 2022
The rpmdb cookie is not a security feature, but as these existing
hashes are more convenient than coming up with our own... we then
run into the great big wall of FIPS which in its current incarnation
disallows use of SHA1. And so rpmdbCookie() fails under current FIPS.
Just bumping the algorithm to SHA256 seems the path of lowest
resistance, whether that algo makes sense for this purpose or not.
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/1906
-- Commit Summary --
* Bump hash for rpmdb cookie to SHA256 to appease FIPS
-- File Changes --
M lib/rpmdb.c (2)
-- Patch Links --
https://github.com/rpm-software-management/rpm/pull/1906.patch
https://github.com/rpm-software-management/rpm/pull/1906.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1906
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/1906 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220131/b189c515/attachment-0001.html>
More information about the Rpm-maint
mailing list