[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#614315: Patch to change from MD5 to SHA1

Daniel Silverstone wrote:
> Attached is a patch which updates the 'functions' shell file to use SHA1
> instead of MD5.  It also updates the perl chunk at the bottom, but obviously
> does not update the version of pkginfo available in the bootstrap-base udeb.
> This needs updating also, otherwise new installs will fail.

Also, busybox in d-i needs to be updated to enable the checksum utility
used. Currently it only has md5sum.

But, is sha1 really what we want to check? Even the oldstable Release
file has sha256, and while there is some risk that will be replaced with
sha512, it is not broken like sha1 is. So I think we should use it for

This would probably be a good opportunity to parameterize the sha size
that is used, with a switch or at least a configuration variable.

see shy jo

Attachment: signature.asc
Description: Digital signature

Reply to: