sha256sum
Nicholas Miell
nmiell at comcast.net
Tue Jun 27 02:58:44 UTC 2006
On Mon, 2006-06-26 at 07:25 -0600, Stephen John Smoogen wrote:
> On 6/25/06, Steve G <linux_4ever at yahoo.com> wrote:
> > Hi,
> >
> > I just wanted everyone to understand the significance of this announcement:
> >
> > >coreutils-5.96-4
> > >----------------
> > >* Sun Jun 25 2006 Tim Waugh <twaugh at redhat.com> 5.96-4
> > >- Include new hashes (bug #196369). Patch from upstream.
> > >- Build at -O1 on s390 for the moment (bug #196369).
> >
> >
> > This adds sha224sum, sha256sum, sha384sum, and sha512sum utilities to the
> > distribution. Attacks on md5sum have been getting better over the last 2 years.
> > While md5sum is not broken, I think its time to consider migrating to sha256sum
> > everywhere in the distribution.
> >
>
> Hurray. We have been told that computer systems that are covered by
> FISMA are supposed to use a minimum of SHA-256 when doing baselines of
> systems. Now to get a baseline tool that uses this AND is prelink
> aware.
>
The RPM maintainer has already expressed displeasure with the idea of
replacing SHA-1 with something better, so don't bother wasting your time
there.
--
Nicholas Miell <nmiell at comcast.net>
More information about the devel
mailing list