diff options
| -rw-r--r-- | CHANGELOG | 10 |
1 files changed, 5 insertions, 5 deletions
@@ -5,6 +5,11 @@ git-annex (6.20170215) UNRELEASED; urgency=medium This does not prevent the git repository from containing links to insecure hashes, but it does prevent the content of such files from being added to .git/annex/objects by any method. + * Tighten key parser to prevent SHA1 collision attacks generating + two keys that have the same SHA1. (Only done for keys that contain + a hash). This ensures that signed git commits of annexed files + will remain secure, as long as git-annex is using a secure hashing + backend. * fsck: Warn about any files whose content is present, that don't use secure hashes, when annex.securehashesonly is set. * Added --securehash option to match files using a secure hash function, @@ -42,11 +47,6 @@ git-annex (6.20170215) UNRELEASED; urgency=medium to wget, since curl is able to display only errors to stderr, unlike wget. * status: Pass --ignore-submodules=when option on to git status. - * Tighten key parser to prevent SHA1 collision attacks generating - two keys that have the same SHA1. (Only done for keys that contain - a hash). This ensures that signed git commits of annexed files - will remain secure, as long as git-annex is using a secure hashing - backend. * Removed support for building with the old cryptohash library. Building with that library made git-annex not support SHA3; it's time for that to always be supported in case SHA2 dominoes. |