Bug#268658: Package pages should provide MD5SUMs of contents

To: submit@bugs.debian.org
Subject: Bug#268658: Package pages should provide MD5SUMs of contents
From: "Ingo Wilken" <Ingo.Wilken@Informatik.Uni-Oldenburg.DE>
Date: Sat, 28 Aug 2004 16:49:14 +0200 (MET DST)
Message-id: <[🔎] E1C14W2-0000be-00@petersfehn.Informatik.Uni-Oldenburg.DE>
Reply-to: "Ingo Wilken" <Ingo.Wilken@Informatik.Uni-Oldenburg.DE>, 268658@bugs.debian.org

Package: www.debian.org


On the individual package pages (for example 
<http://packages.debian.org/testing/base/procps>) there are links to
show the list of files of this package for every architecture (under
the download buttons).

This list is rather useless - it only shows the file name and the
package name for every file contained in the package.  It should also
provide the MD5 hash of every file.  This would help for quick manual
checks whether an installed binary was compromised:  Boot from a CDROM-
based distribution (e.g. Knoppix), run md5sum on the suspect file and
compare it to the listing on the package page.  For now I have to
download the whole package and extract the control information to get
a MD5 string that can be trusted (since /var/lib/dpkg/info/ on that
machine might be manipulated too).

Regards,
Ingo

Reply to:

Prev by Date: Re: Here is the document
Next by Date: Processed: severity 268658 wishlist
Previous by thread: Re: Here is the document
Next by thread: Processed: severity 268658 wishlist
Index(es):
- Date
- Thread