Uploaded image for project: 'OpenShift Specialist Platform Team'
  1. OpenShift Specialist Platform Team
  2. SPLAT-2485

CCM-AWS upstream: report and fix security issues reported by Snyk on SHA1 and MD5 utilization

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None
    • None
    • Future Sustainability
    • False
    • Hide

      None

      Show
      None
    • False
    • None
    • None
    • None
    • None

      User Story:
      As an OpenShift Engineer I want CCM-AWS upstream: report and fix security issues reported by Snyk on SHA1 and MD5 utilization so that we can fix downstream reports on and contribute to fix upstream security reports. ref

       

      Description:
      < Record any background information >

      Snyk CI job failure: 

      Failures:

      • [Low] Use of Password Hash With Insufficient Computational Effort ; Info: The SHA1 hash (used in crypto.sha1.New) is insecure. Consider changing it to a secure hash algorithm
      • [Low] Use of Password Hash With Insufficient Computational Effort ; Info: The MD5 hash (used in crypto.md5.Sum) is insecure. Consider changing it to a secure hash algorithm

       

       

      Acceptance Criteria:
      < Record how we'll know we're done >

      Other Information:
      < Record anything else that may be helpful to someone else picking up the card >

      issue created by splat-bot

      created from thread: https://redhat-internal.slack.com/archives/G012C6LKVM2/p1757004920557199

              Unassigned Unassigned
              rhn-support-mrbraga Marco Braga
              None
              None
              None
              None
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: