[release-notes] slight context adjustment
Pete Travis
immanetize at fedoraproject.org
Sat Dec 6 18:11:02 UTC 2014
commit a8db9e63c7c8509fce5b7210149b84cfde9f4309
Author: Pete Travis <immanetize at fedoraproject.org>
Date: Sat Dec 6 11:10:58 2014 -0700
slight context adjustment
en-US/Security.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/en-US/Security.xml b/en-US/Security.xml
index cf01960..219eba7 100644
--- a/en-US/Security.xml
+++ b/en-US/Security.xml
@@ -38,7 +38,7 @@
OpenSSL was patched to disallow verification of certificates that are signed with MD5 algorithm. The use of MD5 hash algorithm for certificate signatures is now considered as insecure and thus all the main crypto libraries in Fedora were patched to reject such certificates.
</para>
<para>
- Certificates signed with MD5 algorithm are not present on public https web sites anymore but they can be still in use on private networks or used for authentication on openvpn based VPNs such as in bug 1157260. It is highly recommended to replace such certificates with new ones signed with SHA256 or at least SHA1. As a temporary measure the <envar>OPENSSL_ENABLE_MD5_VERIFY</envar> environment variable can be set to allow verification of certificates signed with MD5 algorithm.
+ Certificates signed with MD5 algorithm are not present on public https web sites anymore but they may still be in use on private networks or used for authentication on openvpn based VPNs. It is highly recommended to replace such certificates with new ones signed with SHA256 or at least SHA1. As a temporary measure the <envar>OPENSSL_ENABLE_MD5_VERIFY</envar> environment variable can be set to allow verification of certificates signed with MD5 algorithm.
</para>
</section>
</section>
More information about the docs-commits
mailing list