* David Kalnischkies <david@kalnischkies.de>, 2014-06-18, 14:11:
[0] And his skepticism was reinforced by (independent) discovery of this bug: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1098738*sigh*.... and this is still open? 8-OBefore someone is rushing to work on that (sorry, I was dreaming)… we actually have a rework for hashsum handling in libapt in our debian/experimental branch which as a minor sideeffect also solves this one. Required quiet some amount of work, multiple api breaks still and uhm… testing… but that is overrated. Someone checking this out would still be welcomed…
I've been using 1.1 for a while, and I'm happy to confirm that I can no longer reproduce LP#1098738.
I mean MD5 is _really_ broken now... actually I think any secure APTIf you happen to have a same-size preimage attack on MD5 I would be interested to hear about it.
Preimage attack would be the only one to worry about if we were regenerating all the tarballs ourselves. But this is not the case.
My upstream[0] has just released a new version of his software. I compared contents of the new tarball with with old one. The diff looked reasonable (modulo a new tiny security hole: #760455), and I found nothing suspicious inside. So I'm going to upload this package to Debian soon.
But maybe this .orig.tar.gz wasn't crafted so that it has an evil twin, with the same MD5 sum, but with completely different contents when unpacked. How could I know?
[0] Well, it was either him, or whoever hacked into the FTP server, or the man in the middle between me and the server. The tarball wasn't signed, and it was downloaded over HTTP, so you may never know.
-- Jakub Wilk