From b6816c15588ec111aa101b22c04f5eeac0bcd4fd Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 27 Feb 2017 15:04:03 -0400 Subject: reorg --- CHANGELOG | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index bdb56ad31..d301db75f 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -5,6 +5,11 @@ git-annex (6.20170215) UNRELEASED; urgency=medium This does not prevent the git repository from containing links to insecure hashes, but it does prevent the content of such files from being added to .git/annex/objects by any method. + * Tighten key parser to prevent SHA1 collision attacks generating + two keys that have the same SHA1. (Only done for keys that contain + a hash). This ensures that signed git commits of annexed files + will remain secure, as long as git-annex is using a secure hashing + backend. * fsck: Warn about any files whose content is present, that don't use secure hashes, when annex.securehashesonly is set. * Added --securehash option to match files using a secure hash function, @@ -42,11 +47,6 @@ git-annex (6.20170215) UNRELEASED; urgency=medium to wget, since curl is able to display only errors to stderr, unlike wget. * status: Pass --ignore-submodules=when option on to git status. - * Tighten key parser to prevent SHA1 collision attacks generating - two keys that have the same SHA1. (Only done for keys that contain - a hash). This ensures that signed git commits of annexed files - will remain secure, as long as git-annex is using a secure hashing - backend. * Removed support for building with the old cryptohash library. Building with that library made git-annex not support SHA3; it's time for that to always be supported in case SHA2 dominoes. -- cgit v1.2.3