[ https://issues.apache.org/jira/browse/TEZ-4240?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17272243#comment-17272243
]
Jonathan Turner Eagles commented on TEZ-4240:
---------------------------------------------
+1. Seems like a good change to get in.
> Remove SHA-256 from Tez
> -----------------------
>
> Key: TEZ-4240
> URL: https://issues.apache.org/jira/browse/TEZ-4240
> Project: Apache Tez
> Issue Type: Improvement
> Affects Versions: 0.9.2
> Reporter: László Bodor
> Assignee: László Bodor
> Priority: Major
> Fix For: 0.10.1, 0.9.3
>
> Attachments: TEZ-4240.01.patch
>
>
> SHA-256 is being deprecated, and it's recommended to be replaced by at least SHA-384.
Tez uses SHA-256 for resource validation, and even if it doesn't seem to be a direct vulnerability,
it's better to upgrade it in order to remain FIPS compliant.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
|