Re: [PATCH (v2.47 regression)] hash.h: set NEEDS_CLONE_HELPER_UNSAFE in fallback mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2024-10-02 at 23:26:18, Jeff King wrote:
> This is a regression in v2.47.0-rc0. As mentioned above, I kind of doubt
> anybody will hit it in practice (I only did because I was trying to do
> some timing tests between the fast and dc variants). And it is almost
> tempting to leave it as a wake-up call for anybody who is still not
> using a collision-detecting sha1. ;)

I think this is a fine fix for 2.47.  I have a branch on my remote
(sha1-dc-only), which I'll send out after it passes CI (probably later
this week), that removes support for the everything but SHA-1-DC (except
for the unsafe code).

I don't think there's a reasonable configuration where people can use
Git with other SHA-1 code except in extremely limited circumstances we
shouldn't have to maintain code for.  The code is open source, so people
who really must have maximum performance with all of the vulnerabilities
can patch it back in themselves.
-- 
brian m. carlson (they/them or he/him)
Toronto, Ontario, CA

Attachment: signature.asc
Description: PGP signature


[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux