Actions
Story #6985
closedStory #3778: [Epic] As a user, I can run Pulp 3 in a FIPS-enabled environment
As a user, pulpcore itself is FIPS compatible
Status:
CLOSED - DUPLICATE
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:
Description
Background¶
Currently pulp3 uses insecure checksums for data integrity purposes, for example when syncing EL5 content which only has md5 checksums available on EL5 systems so the repodata only has MD5. When Pulp is downloading it uses those md5 values to ensure the downloaded data is unmodified.
Solution¶
Mark the usage of insecure checksums in Pulp to not be used for security purposes using the Red Hat provided "usedforsecurity" flag.
Related issues
Actions