MantisBT - CMake
View Issue Details

ID	Project	Category	View Status	Date Submitted	Last Update
0015060	CMake	Documentation	public	2014-08-05 10:45	2015-01-05 08:39

Reporter	Nico Schlömer
Assigned To	Brad King
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	fixed
Platform		OS		OS Version
Product Version
Target Version	CMake 3.1	Fixed in Version	CMake 3.1

Summary	0015060: "This is not security software." too sloppy
Description	In the documentation of ExternalData <http://www.cmake.org/cmake/help/v3.0/module/ExternalData.html>, [^] the following comment appears: > Note that the hashes are used only for unique data identification and download > verification. This is not security software. This is too sloppy. It should probably read something like: Note that, while there are a feasible collision attacks on MD5, there is no known feasible second-preimage attack. MD5 is thus still considered appropriate for download verification.
Steps To Reproduce
Additional Information
Tags	No tags attached.
Relationships
Attached Files

Issue History
Date Modified	Username	Field	Change
2014-08-05 10:45	Nico Schlömer	New Issue
2014-08-05 11:17	Brad King	Note Added: 0036555
2014-08-05 11:18	Nico Schlömer	Note Added: 0036556
2014-08-05 11:31	Brad King	Note Added: 0036557
2014-08-05 11:31	Brad King	Assigned To	=> Brad King
2014-08-05 11:31	Brad King	Status	new => assigned
2014-08-05 11:31	Brad King	Target Version	=> CMake 3.1
2014-08-07 12:42	Brad King	Status	assigned => resolved
2014-08-07 12:42	Brad King	Resolution	open => fixed
2014-08-07 12:42	Brad King	Fixed in Version	=> CMake 3.1
2015-01-05 08:39	Robert Maynard	Note Added: 0037610
2015-01-05 08:39	Robert Maynard	Status	resolved => closed

Notes