Uploaded image for project: 'Apache Tez'
  1. Apache Tez
  2. TEZ-4240

Remove SHA-256 from Tez

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 0.9.2
    • 0.10.1, 0.9.3
    • None
    • None

    Description

      SHA-256 is being deprecated, and it's recommended to be replaced by at least SHA-384. Tez uses SHA-256 for resource validation, and even if it doesn't seem to be a direct vulnerability, it's better to upgrade it in order to remain FIPS compliant.

      Attachments

        1. TEZ-4240.02.patch
          0.9 kB
          László Bodor
        2. TEZ-4240.01.patch
          0.9 kB
          László Bodor

        Activity

          People

            abstractdog László Bodor
            abstractdog László Bodor
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: