Debian derivatives census: timeline for dropping SHA-1 support from apt

To: Stefano Costa <steko@iosa.it>, Skylar Thompson <skylar@bccd.net>, Prema S <premas@cdac.in>, Luis Alejandro Martínez Faneyth <luis@huntingbears.com.ve>, Geoffrey Thomas <geofft@mit.edu>, Klaus Knopper <debian-knoppix@knopper.net>, Clement Lefebvre <debian@linuxmint.com>, Jeremiah Foster <jeremiah@jeremiahfoster.com>, Issamo Kisaka <issamo.kisaka@gmail.com>, Raquel de Souza Silva <raquelss08@gmail.com>, Michael Hall <mhall119@ubuntu.com>, Alex Oruzheinikov <a.oruzheynikov@rusbitech.ru>, Agus Purnomo <goesspoerr@gmail.com>, Sam Geeraerts <samgee@elmundolibre.be>, Fernando Toledo <ragnarok@docksud.com.ar>, Sofía Martin <smartin@linti.unlp.edu.ar>, Brice Delmotte <brice@substantiel.fr>, Peter Michael Green <plugwash@raspbian.org>, Adrian Gibanel <adrian15sgd@gmail.com>, Eugenio g7 Paolantonio <me@medesimo.eu>, Arjen Balfoort <arjenbalfoort@solydxk.com>, Paweł Pijanowski <pavroo@onet.eu>, John Vert <johnv@valvesoftware.com>, Markus Niewerth <mniewerth@ultimediaos.com>, Daniil Baturin <daniil@baturin.org>, Jesus Palencia <sinfallas@yahoo.com>, Leszek Lesner <leszek@zevenos.com>
Cc: debian-derivatives <debian-derivatives@lists.debian.org>
Subject: Debian derivatives census: timeline for dropping SHA-1 support from apt
From: Paul Wise <pabs@debian.org>
Date: Tue, 15 Mar 2016 19:42:09 +0800
Message-id: <[🔎] 1458042129.2669.99.camel@debian.org>

Hi all,

The Debian apt maintainers plan to drop SHA-1 support from apt:

https://juliank.wordpress.com/2016/03/14/dropping-sha-1-support-in-apt/

If you are in the To header on this mail then it means your derivative
relies on the security of MD5/SHA1 in some capacity. To find out where,
you can look at the check-package-list file for your distribution and
look at the Hash: fields at the top of your InRelease or Release.gpg
files. Please update your derivatives to add SHA-2 hashes in your apt
metadata and in your OpenPGP signatures of that apt metadata.

http://deriv.debian.net/Ubuntu/check-package-list

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Re: Debian derivatives census: timeline for dropping SHA-1 support from apt
  - From: Patrick Schleizer <adrelanos@riseup.net>
- Re: Debian derivatives census: timeline for dropping SHA-1 support from apt
  - From: peter green <plugwash@p10link.net>

Prev by Date: Re: Microsoft SONiC: invitation to join the Debian derivatives census
Next by Date: Re: Debian derivatives census: timeline for dropping SHA-1 support from apt
Previous by thread: Re: Microsoft SONiC: invitation to join the Debian derivatives census
Next by thread: Re: Debian derivatives census: timeline for dropping SHA-1 support from apt
Index(es):
- Date
- Thread