Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)
On Fri, Oct 12, 2012 at 8:30 AM, Christoph Anton Mitterer wrote:
> Sources files seems to use MD5, SHA1 and SHA256... though MD5 seems to
> have a "special status" (Files vs. Checksums-<algo>).
> That might be just historic, though.
> Similarly the Packages files... MD5/SHA1/SHA256...
Only since wheezy has that been true for all files listed in
Packages/Sources though. squeeze Packages is missing SHA-1 and SHA-256
for 1905 binary packages.