Mva nje zakhutshwa iindaba ngabaphuhlisi beprojekthi yeFedora kwaye kukuba baye benza ukuba baziwe isicwangciso sokuvala inkxaso ye-SHA-1 yesiginitsha yedijithali ukukhutshwa kwe "Fedora Linux 39".
Kukhankanyiwe ukuba isicwangciso sokuvala iisiginitsha sithetha ukuphelisa ukuthembela kwiisignesha ezisebenzisa i-SHA-1 hashes (SHA-224 iya kubhengezwa njengobuncinane obuvunyelweyo kwiisignitsha zedijithali), kodwa ukugcina inkxaso ye-HMAC nge-SHA-1 kunye nokubonelela ngesakhono sokwenza iprofayili ye-LEGACY isebenze nge-SHA-1.
Esona sizathu sibalulekileyo sokuba abaphuhlisi beFedora beze kwesi sigqibo kukuba ukuphela kwenkxaso ye-SHA-1 esekelwe kwiisignesha. kungenxa yokwanda kwempumelelo yohlaselo longquzulwano ngesimaphambili esinikiweyo (ixabiso lokukhetha ukungqubana liqikelelwa kumashumi amawaka eedola). Ukongeza koko kwizikhangeli, izatifikethi eziqinisekisiweyo zisebenzisa i-algorithm ye-SHA-1 ziphawulwe njengezingakhuselekanga ukusukela phakathi ku-2016.
Olona tshintsho luphambili ngeli xesha iya kuba kukungathembi iisayino ze-SHA-1.
kwinqanaba lelayibrari ye-cryptographic, echaphazela ngaphezu kwe-TLS kuphela.I-OpenSSL iya kuqalisa ukuvala indalo kunye nokuqinisekiswa kotyikityo ngokungagqibekanga,
kunye nemvula elindelekileyo eya kuba yaneleyo ngokwaneleyo
ukuba siphumeze utshintsho ngemijikelo emininzi
ngezaziso ezininzi
ukunika abaphuhlisi kunye nabagcini ixesha elaneleyo lokusabela.
Kuyafaneleka ukukhankanya ukuba emva kokufaka utshintsho oluchaziweyo, ithala leencwadi le-OpenSSL liya kuthi ngokungagqibekanga livale isizukulwana kunye nokuqinisekiswa kweesignesha nge-SHA-1.
Ukuvalwa kucetyiwe ukuba kuqhutywe ngokwezigaba ezininzi, njengakwi-Fedora Linux 36 kunye ne-37 ekhutshwayo, i-SHA-1 esekwe utyikityo iya kususwa kumgaqo-nkqubo we-"FUTURE", kwaye ndiceba ukubonelela ngomgaqo-nkqubo wovavanyo TEST-FEDORA39 ukuvala i-SHA-1 kwisicelo somsebenzisi (uhlaziyo -i-crypto-polisi - seta TEST-FEDORA39), xa usenza kwaye uqinisekisa i-SHA-1 isayinwe ngokusekwe, izilumkiso ziya kuboniswa kwilog.
Kwi-Fedora 39, imigaqo-nkqubo iya kuba, kumbono we-TLS:
ILIFA
I-MAC: zonke ii-HMAC ezine-SHA1 okanye ngaphezulu + zonke ii-MAC zangoku (Poly1305, njl.)
Iigophe: zonke iiprimes >= 255 bits (kubandakanywa neegophe zaseBernstein)
Ii-algorithms zotyikityo: SHA-1 hash okanye ngcono (akukho DSA)
Ii-Ciphers: zonke ziyafumaneka > 112-bit key, >= 128-bit block (akukho RC4 okanye 3DES)
Utshintshiselwano olungundoqo: ECDHE, RSA, DHE (ngaphandle kwe-DHE-DSS)
Ubungakanani beparamitha yeDH: >=2048
Ubungakanani beParameter yeRSA: >=2048
Iiprothokholi ze-TLS: TLS >= 1.2
Emva koko, ngexesha lokukhutshwa kwe-beta yangaphambili ye-Fedora Linux 38, indawo yokugcina iya kuba nomgaqo-nkqubo ochasene neesignesha ze-SHA-1, kodwa olu tshintsho aluyi kusebenza kwi-beta kunye nokukhululwa kwe-Fedora Linux 38. Ngokukhululwa kwe-Fedora Linux 39, Umgaqo-nkqubo wotyikityo lwe-SHA-1 uya kusetyenziswa ngokungagqibekanga.
Isicwangciso esicetywayo asikaqwalaselwa ngokutsha yi-FESCo (IKomiti yoLawulo lobuNjineli beFedora), ejongene necandelo lobugcisa bophuhliso losasazo lweFedora.
Ngakolunye uhlangothi, Kukwafanelekile ukongeza ukuba kwi-Red Hat uye walunyukiswa malunga nokuphela kwenkxaso yethala leencwadi le-GTK 2, ukuqala ngesebe elilandelayo leRed Hat Enterprise Linux.
Iphakheji ye-gtk2 ayiyi kufakwa kwi-RHEL 10 yokukhutshwa, eya kuxhasa kuphela i-GTK 3 kunye ne-GTK 4. I-GTK 2 yasuswa ngenxa yokuthotywa kwe-toolset kunye nokungabikho kwenkxaso yobuchwepheshe bale mihla njenge-Wayland, i-HiDPI, kunye ne-HDR.
Izixhobo zokusebenza zisincedile ngombulelo, kodwa iyaqala ukubonisa ubudala bayo ngokumalunga neetekhnoloji zanamhlanje ezifana neWayland, iziboniso zeHiDPI, HDR, kunye nezinye.
Iinkqubo ezihlala zibotshelelwe kwi-GTK 2, ezifana ne-GIMP kunye ne-Ardour, kulindeleke ukuba zibe nexesha lokufudukela kumasebe amatsha e-GTK ngaphambi kuka-2025, ekulindeleke ukuba ikhulule i-RHEL 10. Ku-Ubuntu 22.04, iipakethe ze-504 zisebenzisa i-libgtk2 njengokuxhomekeka.
Isizathu sokukhankanya oku kukuba olo tshintsho luphela luphunyezwa kwezinye zeenguqulelo ezilandelayo zeFedora.
Gqibela ukuba unomdla wokwazi okungakumbi ngayo malunga noluhlu lotshintsho olucwangcisiweyo ekukhubazeni imisayino, ungajongana neenkcukacha kwi ukulandela ikhonkco.