[TEZ-4240] Remove SHA-256 from Tez - ASF JIRA

Attach files

Attach Screenshot

Voters

Watch issue

Watchers

Create sub-task

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 0.9.2
Fix Version/s: 0.10.1, 0.9.3
Component/s: None
Labels:
None

Description

SHA-256 is being deprecated, and it's recommended to be replaced by at least SHA-384. Tez uses SHA-256 for resource validation, and even if it doesn't seem to be a direct vulnerability, it's better to upgrade it in order to remain FIPS compliant.

Attachments

TEZ-4240.01.patch
14/Oct/20 07:54
0.9 kB
László Bodor
TEZ-4240.02.patch
27/Jan/21 08:10
0.9 kB
László Bodor

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: László Bodor

Reporter:: László Bodor

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 14/Oct/20 07:48

Updated:: 28/Jan/21 09:21

Resolved:: 28/Jan/21 09:21

Agile

View on Board

Remove SHA-256 from Tez

Details

Description

Attachments

Attachments

Activity

People

Dates

Agile

Slack

Issue deployment