Egor,

On 26.3.2015 21:23, Mark Thomas wrote:
On 26/03/2015 17:30, Egor Philippov wrote:
Anyone familiar with the warning or know
whether it represents a real security problem?

That depends on your definition of 'real'. I'm not aware of any viable
attacks but general opinion is that now is the time to take action.

Check your server certificate. The most likely explanation is that it
has a SHA-1 signature. Your CA should be able to provide you with a
replacement with a more secure signature. I know the CAs the ASF uses
have been offering this for 6 months or more.

+1

More info here:

https://community.qualys.com/blogs/securitylabs/2014/09/09/sha1-deprecation-what-you-need-to-know

-Ognjen

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to