Hi, until today our Release files included 3 Hashes for all their entries: MD5SUM, SHA1, SHA256. I just modified the code to no longer include MD5SUM in *all* newly generated Release files. I additionally opened a bug with apt to add support for SHA512SUM, so we can start using them. As soon as that is possible I intend to drop SHA256 and end up with SHA1/SHA512 only. And as a sidenote, taking the opportunity: We now also include the MD5SUMS of the debian-installer images, so those images can also be checked against a signature. (Yes, MD5, they dont provide more to us at the moment). -- bye, Joerg <towo> "Das Internet, jetzt auf 47 DVDs - oder auf 2 CDs in der jugenfreien Fassung"?
Attachment:
pgpMVqdr9WhEj.pgp
Description: PGP signature