[ https://issues.apache.org/jira/browse/SOLR-14649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17401599#comment-17401599 ]
Ishan Chattopadhyaya commented on SOLR-14649: --------------------------------------------- Yes, it would be preferable to target this for 9.0. I don't want to mark as a blocker for 9.0, though. > Package manager should use SHA512, not SHA1 > ------------------------------------------- > > Key: SOLR-14649 > URL: https://issues.apache.org/jira/browse/SOLR-14649 > Project: Solr > Issue Type: Improvement > Components: Plugin system > Reporter: Ishan Chattopadhyaya > Priority: Critical > > Due to a massive oversight, we only support SHA1 based package signing. We > should immediately switch to SHA512. Post that, all existing packages must be > re-signed with SHA512. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org