Use default, collision-detecting SHA1 implementation
Upstream changed the default SHA1 implementation in 2.13.0 to one which detects collisions. It may be slightly slower than BLK_SHA1 in some cases, but the added safety it provides in the face of the SHAttered attack should be worth the cost.
We overrode the default SHA1 implementation in b796934 (Update to git-1.6.5.rc2 - Enable Linus' block-sha1 implementation.) The main reason was to avoid linking against openssl's libcrypto for most binaries, which saved a measurable amount of space. Using the new DC_SHA1 default provides the same benefit.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2017-3bb960e4aa
Please login to add feedback.
This update has been submitted for testing by tmz.
This update has been pushed to testing.
Works great! LGTM! =)
LGTM
works fine for me
This update has been submitted for stable by bodhi.
This update has been pushed to stable.