https://bugs.kde.org/show_bug.cgi?id=396050
Bug ID: 396050
Summary: Move away from SHA-1 to SHA-2
Product: kdeconnect
Version: unspecified
Platform: Other
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: common
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
As the "encryption information" in your info box indicates, you still use SHA-1
as a hash. SHA-1 is being deprecated and first collision attacks have been
shown (https://shattered.it/). Of course, it is not yet broken for your use
case, because that would likely require a pre-image attack, but it's better to
move away from it *now*.
AFAIK in HTTPS they are already deprecated, so you should do the same.
--
You are receiving this mail because:
You are watching all bug changes.
