severity 387202 wishlist retitle 387202 Please add sha1 sums for ISO images thanks On Tue, Sep 12, 2006 at 05:58:08PM -0400, Simon Valiquette wrote: >Package: cdimage.debian.org >Severity: normal > > The MD5SUM for the NetInstall CD and business card CD are missing, >at least for the x86 architecture (the other arch I checked had it, >including the 3.1_r2 x86 version). > >http://cdimage.debian.org/debian-cd/3.1_r3/i386/iso-cd/ > > It would be good to have them so that we can at least check that >we downloaded the ISO properly. I am surprised it was not reported before. >I sometime like to validate that the ISO on my mirror are good ones. Yup. Apologies for the omission; it was a simple mistake that I've just fixed. > I would suggest that you also provide a signed SHA-1 hash instead >of just a MD5 hash. Finding a collision with MD5 is now very fast >(less than a minute), so signing an MD5 hash just give a false sense of >security in my opinion. Good point; I've retitled your bug and added it to the wishlist for cd images to remind me to look into it. Things are made *slightly* more complicated by the build system, but I'll get onto it soon. -- Steve McIntyre, Cambridge, UK. steve@einval.com "Every time you use Tcl, God kills a kitten." -- Malcolm Ray
Attachment:
signature.asc
Description: Digital signature