[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#682401: dbmmanage: please use Digest::SHA instead of Digest::SHA1

severity 682401 serious


Evidently not too many people are using dbmmanage, even less with SHA1
encryption since it is not the default option but nobody noticed so far.
Nonetheless the removal of Digest::SHA1 breaks the application in a
fatal way when SHA-1 encryption is explicitly desired. Thus, I am
raising the bug severity to serious and I will prepare a patch.

Having that said, the root issue is upstream and they probably still
plan to support older Perl versions as well. Thus, simply replacing the
modules used will not suffice, but that does not sound like a big
problem either as a simple Perl version dependent branch will do it.

Stefan, shouldn't apache2-utils recommend the required perl libraries as
well, instead of letting dbmmanage suggest the use of CPAN (e.g. for
SHA1 in the past, or still in use for MD5)?

with kind regards,
Arno Töll
IRC: daemonkeeper on Freenode/OFTC
GnuPG Key-ID: 0x9D80F36D

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: