Project

Profile

Help

Story #6985

closed

Story #3778: [Epic] As a user, I can run Pulp 3 in a FIPS-enabled environment

As a user, pulpcore itself is FIPS compatible

Added by bmbouter over 4 years ago. Updated over 4 years ago.

Status:
CLOSED - DUPLICATE
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

Background

Currently pulp3 uses insecure checksums for data integrity purposes, for example when syncing EL5 content which only has md5 checksums available on EL5 systems so the repodata only has MD5. When Pulp is downloading it uses those md5 values to ensure the downloaded data is unmodified.

Solution

Mark the usage of insecure checksums in Pulp to not be used for security purposes using the Red Hat provided "usedforsecurity" flag.


Related issues

Is duplicate of Pulp - Story #5216: As a user, I can configure which checksum types I want to use in PulpCLOSED - CURRENTRELEASEggainey

Actions
Actions #1

Updated by bmbouter over 4 years ago

  • Parent issue set to #3778
Actions #2

Updated by daviddavis over 4 years ago

I believe to solve this issue, we should implement #5216.

Actions #3

Updated by daviddavis over 4 years ago

  • Status changed from NEW to CLOSED - DUPLICATE
Actions #4

Updated by daviddavis over 4 years ago

  • Is duplicate of Story #5216: As a user, I can configure which checksum types I want to use in Pulp added

Also available in: Atom PDF