New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tests: Avoid MD5 or check for MD5 availablity #82451
Comments
MD5 hash digest algorithm has known security issues and is getting blocked on systems with strict security policies. Python uses MD5 in several unittests. These tests should either avoid MD5 and use SHA256 instead. Or tests that really require MD5 should check for the availability of MD5 and skip these tests. The latter are network-related tests that check for digest auth or CRAM-MD5 auth. Avoidable use of MD5:
Tests that require MD5:
|
Can we close the issue? |
It looks like Christian originally requested autobackports to both 3.8 and 3.7 but both failed due to git checkout errors. He then manually restarted the 3.8 backport but it looks like the 3.7 one did not get restarted. Christian, was that intentional or just an oversight? If the latter, you should try the 3.7 backport again. |
The change silently disables 2 tests, see comment here: (I think it's better to reopen this bug, than to open a new one, so all the fixes are in one place. Do you agree?) |
Is there anything left to do here? |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: