maria-discuss team mailing list archive

Thread
Date

Re: Is it possible to upgrade SHA-1 and MD5 algorithms in Mariadb-10.5?

To: "'Sergei Golubchik'" <serg@xxxxxxxxxxx>, "'Lukas Javorsky'" <ljavorsk@xxxxxxxxxx>
From: "Eliezer Croitoru" <ngtech1ltd@xxxxxxxxx>
Date: Thu, 18 Mar 2021 05:29:47 +0200
Cc: maria-discuss@xxxxxxxxxxxxxxxxxxx
In-reply-to: <YFIfBM7cKV5YprZb@pweza.fritz.box>
Thread-index: AQG8b7jdBLtadshgyBqZspIbbuMG1AIY/kLsqq2k7WA=

Hey Sergei,

I cannot speak in the name of Lukas but I assume that he is talking about the payload signature of RPM files.
Technically speaking SHA1 and MD5 can collide but only to specific file sizes.
It's not that simple to create an RPM in a size of 10+ MB which will provide the exact same
functionality ie DB which will include errors and/or other things.

I know it's pretty simple to upgrade the signature so I do not find any reason to not add a SHA256 sig.

All The Bests,
Eliezer

----
Eliezer Croitoru
Tech Support
Mobile: +972-5-28704261
Email: ngtech1ltd@xxxxxxxxx
Zoom: Coming soon


-----Original Message-----
From: Maria-discuss <maria-discuss-bounces+ngtech1ltd=gmail.com@xxxxxxxxxxxxxxxxxxx> On Behalf Of Sergei Golubchik
Sent: Wednesday, March 17, 2021 5:24 PM
To: Lukas Javorsky <ljavorsk@xxxxxxxxxx>
Cc: maria-discuss@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Maria-discuss] Is it possible to upgrade SHA-1 and MD5 algorithms in Mariadb-10.5?

Hi, Lukas!

What do you mean by "upgrade SHA-1 and MD5 algorithms in MariaDB" ?

Regards,
Sergei
VP of MariaDB Server Engineering
and security@xxxxxxxxxxx

On Mar 17, Lukas Javorsky wrote:
> Hi,
> 
> In RHEL-9 we are deprecating, old SHA-1 and MD5 and that's why I want to
> ask you if there is any chance that upstream is going to change it, or we
> should do it downstream.
> 
> These algorithms are no longer considered as safe, so it may be a good
> thing to upgrade them.
> 
> AFAIK mariadb uses these algorithms in *mariadb* and *mariadb-connector-c.*
> 
> Also if you have no intention to change it, is there any chance you could
> help us somehow. Maybe point out what we should be aware of.
> 
> Please let me know what you think
> 
> Lukas
> 
> -- 
> S pozdravom/ Best regards
> 
> Lukáš Javorský
> 
> Associate Software Engineer, Core service - Databases
> 
> Red Hat <https://www.redhat.com>
> 
> Purkyňova 115 (TPB-C)
> 
> 612 00 Brno - Královo Pole
> 
> ljavorsk@xxxxxxxxxx
> <https://www.redhat.com>

_______________________________________________
Mailing list: https://launchpad.net/~maria-discuss
Post to     : maria-discuss@xxxxxxxxxxxxxxxxxxx
Unsubscribe : https://launchpad.net/~maria-discuss
More help   : https://help.launchpad.net/ListHelp

Follow ups

Re: Is it possible to upgrade SHA-1 and MD5 algorithms in Mariadb-10.5?
From: Daniel Black, 2021-03-19

References

Is it possible to upgrade SHA-1 and MD5 algorithms in Mariadb-10.5?
From: Lukas Javorsky, 2021-03-17
Re: Is it possible to upgrade SHA-1 and MD5 algorithms in Mariadb-10.5?
From: Sergei Golubchik, 2021-03-17