Libravatar (obsolete)

Remove SHA1 hashes

Bug #769766 reported by François Marier
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Libravatar (obsolete)
Fix Released
Medium
François Marier

Bug Description

Both MD5 and SHA1 are weak algorithms, so it's better to avoid them.

MD5 is needed for Gravatar compatibility, but there is no real need for SHA1. We should just get rid of it before anybody starts using it.

Tags: hash
Revision history for this message
François Marier (fmarier) wrote :

Mentions of the SHA1 algorithm removed from API documentation (http://wiki.libravatar.org/api/).

Changed in libravatar:
status: Confirmed → In Progress
Revision history for this message
François Marier (fmarier) wrote :

Option removed from the software and the website.

I also removed and archived all sha1 files from /var/lib/libravatar/avatar/

Changed in libravatar:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.