[GitHub] poi pull request #90: Replace default insecure SHA1 hash algorithm

[jornfranke]

GitHub user jornfranke opened a pull request:

    https://github.com/apache/poi/pull/90

    Replace default insecure SHA1 hash algorithm

    Replace default insecure SHA1 hash algorithm with SHA256.
    
    SHA1 has been broken and should not be used anymore for signatures and 
should not be the default, cf. also 
https://security.googleblog.com/2016/11/sha-1-certificates-in-chrome.html

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/jornfranke/poi trunk

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/poi/pull/90.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #90
    
----
commit f5917c78864987c3f97050055b03cf5379ce6c69
Author: Jörn Franke <jornfranke@...>
Date:   2018-01-08T22:30:50Z

    Replace default insecure SHA1 hash algorithm 
    
    Replace default insecure SHA1 hash algorithm with SHA256

----


---

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org