Hi, A SHA-1 collision has been published: https://www.schneier.com/blog/archives/2017/02/sha-1_collision.html https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
Our FileDataStore and S3DataStore use SHA-1. For new binaries, we should use (for example) SHA-256. Right now, a content management system that uses Oak as the repository can't serve those two files at the same time, if it uses the FileDataStore or the S3DataStore. (The FileBlobStore, MongoDB BlobStore,..., are not affected) Regards, Thomas
