[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian derivatives census: timeline for dropping SHA-1 support from apt

Hi all,

The Debian apt maintainers plan to drop SHA-1 support from apt:


If you are in the To header on this mail then it means your derivative
relies on the security of MD5/SHA1 in some capacity. To find out where,
you can look at the check-package-list file for your distribution and
look at the Hash: fields at the top of your InRelease or Release.gpg
files. Please update your derivatives to add SHA-2 hashes in your apt
metadata and in your OpenPGP signatures of that apt metadata.




Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: