You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@poi.apache.org by jornfranke <gi...@git.apache.org> on 2018/01/08 22:32:11 UTC

[GitHub] poi pull request #90: Replace default insecure SHA1 hash algorithm

GitHub user jornfranke opened a pull request:

    https://github.com/apache/poi/pull/90

    Replace default insecure SHA1 hash algorithm

    Replace default insecure SHA1 hash algorithm with SHA256.
    
    SHA1 has been broken and should not be used anymore for signatures and should not be the default, cf. also https://security.googleblog.com/2016/11/sha-1-certificates-in-chrome.html

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/jornfranke/poi trunk

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/poi/pull/90.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #90
    
----
commit f5917c78864987c3f97050055b03cf5379ce6c69
Author: Jörn Franke <jo...@...>
Date:   2018-01-08T22:30:50Z

    Replace default insecure SHA1 hash algorithm 
    
    Replace default insecure SHA1 hash algorithm with SHA256

----


---

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org

[GitHub] poi pull request #90: Replace default insecure SHA1 hash algorithm

Posted by asfgit <gi...@git.apache.org>.

Github user asfgit closed the pull request at:

    https://github.com/apache/poi/pull/90


---

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org