On Sun, 14 Aug 2011 23:48:09 +0200 Paul Wise <pabs@debian.org> wrote: > Hi all, > > If you are receiving this mail that means you are participating in the > Debian derivatives census[1] and that your entry has an issue. Thanks for continuing this QA work :) > Please ensure that: > > 1. Your APT repositories have SHA-1 hashes for every source and > binary package so we can compare with old Debian packages. > 2. If you are using SHA-1 hashes in your APT repositories, please > ensure that there is such a hash for every single file, > especially for all the source package files. > 3. SHA-256 hashes are not and will not be used by the census, but > Debian strongly encourages the use of hashes stronger than > SHA-1. > [...] > (http://bugs.debian.org/637563). Does this mean any derivative with a package from debian currently older then 2008 has no sha-1? If so, should derivatives be rebuilding the packages to ensure a sha1 is present? thanks, kk -- Karl Goetz, (Kamping_Kaiser / VK5FOSS) Debian contributor / gNewSense Maintainer http://www.kgoetz.id.au No, I won't join your social networking group
Attachment:
signature.asc
Description: PGP signature