Project

General

Profile

Feature #21748

Replace crypto- and hash-functions unapproved by FIPS with FIPS-approved ones

Added by Dmitri Dolguikh almost 3 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Category:
-
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

Some of the places in the code where MD5 is used:

./migrate/20140912113254_add_password_hash_to_operatingsystem.rb
./migrate/20150428110835_change_os_default_password_hash.rb
./app/controllers/api/v1/operatingsystems_controller.rb
./app/controllers/api/v2/operatingsystems_controller.rb
./app/helpers/unattended_helper.rb
./app/helpers/application_helper.rb
./app/models/setting/email.rb
./app/services/password_crypt.rb
./app/views/unattended/provisioning_templates/snippet/_bmc_nic_setup.erb


Related issues

Related to Foreman - Feature #3511: As a security person, I would like Foreman to run in FIPS modeResolved
Related to Foreman - Bug #28458: remove gravater from img_src secure headerClosed

Associated revisions

Revision 4c66d096 (diff)
Added by Dmitri Dolguikh over 2 years ago

Fixes #21748 - Removed gravatar images

As gravatar urls use MD5 hashes

History

#1 Updated by Dmitri Dolguikh almost 3 years ago

  • Related to Feature #3511: As a security person, I would like Foreman to run in FIPS mode added

#2 Updated by The Foreman Bot almost 3 years ago

  • Assignee set to Dmitri Dolguikh
  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/5066 added

#3 Updated by Anonymous over 2 years ago

  • % Done changed from 0 to 100
  • Status changed from Ready For Testing to Closed

#4 Updated by Tomer Brisker 10 months ago

  • Related to Bug #28458: remove gravater from img_src secure header added

Also available in: Atom PDF