You are viewing a plain text version of this content. The canonical link for it is here.

Posted to gitbox@activemq.apache.org by GitBox <gi...@apache.org> on 2020/04/30 03:29:15 UTC

[GitHub] [activemq-artemis] YYTVicky commented on pull request #2995: Suggest not using blowfish for security concern

YYTVicky commented on pull request #2995:
URL: https://github.com/apache/activemq-artemis/pull/2995#issuecomment-621591368


   @michaelandrepearce Thanks for your feedback, since blowfish is a broken algorithm, there are some document list the reasons, such as this one https://threatpost.com/new-collision-attacks-against-3des-blowfish-allow-for-cookie-decryption/120087/.  our tool report that as a vulnerability issue, would you mind trying **AES** to see if it could pass the test? 
   Thanks!
   
   
    


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org