[SVN-4673] Reports of SHA-1 collision causing repository breakage - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.8.18, 1.9.6, 1.10.0
Component/s: None
Labels:
None

Description

Google recently created two pdfs with the same sha-1 checksum [1]. There are reports of this breaking svn repositories[2][3].

[1] https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
[2] https://arstechnica.com/security/2017/02/watershed-sha1-collision-just-broke-the-webkit-repository-others-may-follow/
[3] https://lists.webkit.org/pipermail/webkit-dev/2017-February/028795.html

Additional resources:
https://bugs.webkit.org/show_bug.cgi?id=168774#c23<Paste>
https://shattered.io/

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Bryan Rosander

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 24/Feb/17 22:43

Updated:: 03/Jul/17 12:50

Resolved:: 03/Jul/17 12:41