[ https://issues.apache.org/jira/browse/TEZ-4240?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17272243#comment-17272243 ]
Jonathan Turner Eagles commented on TEZ-4240: --------------------------------------------- +1. Seems like a good change to get in. > Remove SHA-256 from Tez > ----------------------- > > Key: TEZ-4240 > URL: https://issues.apache.org/jira/browse/TEZ-4240 > Project: Apache Tez > Issue Type: Improvement > Affects Versions: 0.9.2 > Reporter: László Bodor > Assignee: László Bodor > Priority: Major > Fix For: 0.10.1, 0.9.3 > > Attachments: TEZ-4240.01.patch > > > SHA-256 is being deprecated, and it's recommended to be replaced by at least > SHA-384. Tez uses SHA-256 for resource validation, and even if it doesn't > seem to be a direct vulnerability, it's better to upgrade it in order to > remain FIPS compliant. -- This message was sent by Atlassian Jira (v8.3.4#803005)