Project

Profile

Help

Actions
Send by e-mail Copy link

Story #6985

closed

Story #3778: [Epic] As a user, I can run Pulp 3 in a FIPS-enabled environment

As a user, pulpcore itself is FIPS compatible

Added by bmbouter almost 4 years ago. Updated over 3 years ago.

Status:
CLOSED - DUPLICATE
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

Background

Currently pulp3 uses insecure checksums for data integrity purposes, for example when syncing EL5 content which only has md5 checksums available on EL5 systems so the repodata only has MD5. When Pulp is downloading it uses those md5 values to ensure the downloaded data is unmodified.

Solution

Mark the usage of insecure checksums in Pulp to not be used for security purposes using the Red Hat provided "usedforsecurity" flag.

Related issues

Is duplicate of Pulp - Story #5216: As a user, I can configure which checksum types I want to use in PulpCLOSED - CURRENTRELEASEggainey

Actions
Actions
Copy link
 #1

Updated by bmbouter almost 4 years ago

  • Parent issue set to #3778
Actions
Copy link
 #2

Updated by daviddavis almost 4 years ago

I believe to solve this issue, we should implement #5216.

Actions
Copy link
 #3

Updated by daviddavis over 3 years ago

  • Status changed from NEW to CLOSED - DUPLICATE
Actions
Copy link
 #4

Updated by daviddavis over 3 years ago

  • Is duplicate of Story #5216: As a user, I can configure which checksum types I want to use in Pulp added
Actions
Send by e-mail Copy link

Also available in: Atom PDF