ACS AEM Commons Versioned Clientlibs

Question

Hi All, ACS AEM Commons Versioned ClientLibs uses Sling Rewriter to rewrite the client libraries generated by aem and append a unique MD5 value at the end of the client library URL and later it is cached. It generates a new MD5 value every time a modification to the client library happens and appends the generated MD5 value to the client library url for re-cashing. MD5 cryptographic algorithms are outdated and vulnerable to security. Is there another version of the Versioned ClientLibs or any other implementation that uses SHA2 Family (SHA256, SHA386, and SHA512) instead of MD5?

Singaiah_Chintalapudi · Accepted Answer

Thanks for calling out the security vulnerability. I guess the only option you've is to write you own custom logic to implement the MD5.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded