mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

slight correction

Browse source
This commit is contained in:
Joey Hess 2017-02-23 17:11:46 -04:00
parent aa8ab352f2
commit 9bee19ed38
No known key found for this signature in database
GPG key ID: C910D9222512E3C7
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
doc/devblog/day_449__SHA1_break_day.mdwn
View file

@ -2,7 +2,8 @@
produced by an identical-prefix collision attack.
After looking into it all day, it does not appear to impact git's security
immediately. But we're well past the time when it seemed ok that git
immediately, except for targeted attacks against specific projects by
very wealthy attackers. But we're well past the time when it seemed ok that git
uses SHA1. If this gets improved into a chosen-prefix collision
attack, git will start to be rather insecure.