summaryrefslogtreecommitdiff
path: root/CHANGELOG
diff options
context:
space:
mode:
Diffstat (limited to 'CHANGELOG')
-rw-r--r--CHANGELOG5
1 files changed, 3 insertions, 2 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 9f3c22414..459937cfd 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -33,8 +33,9 @@ git-annex (6.20170215) UNRELEASED; urgency=medium
to wget, since curl is able to display only errors to stderr, unlike
wget.
* status: Pass --ignore-submodules=when option on to git status.
- * Tighten key parser to mitigate against hypothetical SHA1 chosen-prefix
- attacks. This ensures that signed git commits of annexed files
+ * Tighten key parser to prevent SHA1 collision attacks generating
+ two keys that have the same SHA1. (Only done for keys that contain
+ a hash). This ensures that signed git commits of annexed files
will remain secure, as long as git-annex is using a secure hashing
backend.