Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace md5 by secure hash algorithm like sha256 #17

Closed
thardeck opened this issue Oct 12, 2017 · 3 comments
Closed

Replace md5 by secure hash algorithm like sha256 #17

thardeck opened this issue Oct 12, 2017 · 3 comments
Labels
accepted

Comments

@thardeck
Copy link
Contributor

Are there any plans to replace the insecure md5 hash algorithm in the packager by a secure one like sha256?
@cf-gitbot
Copy link

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/151913767

The labels on this github issue will be updated when the story is started.

@sclevine
Copy link
Contributor

Hi @thardeck,

Yes, eventually we plan to do this. I'll prioritize this story so you can follow it in our backlog.

@sclevine
Copy link
Contributor

@thardeck This is finished. All buildpacks use sha256 checksums on their develop branch.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
accepted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sclevine @thardeck @cf-gitbot