Bug#423902: apt should use both md5 and sha1

To: submit@bugs.debian.org
Subject: Bug#423902: apt should use both md5 and sha1
From: "Thomas Geyer" <geyerth@googlemail.com>
Date: Mon, 14 May 2007 22:20:18 +0200
Message-id: <[🔎] fe4da5070705141320i27935cf9qc20b84ef26ead30e@mail.gmail.com>
Reply-to: "Thomas Geyer" <geyerth@googlemail.com>, 423902@bugs.debian.org

Package: apt
Version: 0.6.46.4
Severity: wishlist


Collisions for md5 and sha1 were found allready,
so it's likely, that in the nearer future one of them alone won't be
safe enough.

Since it is harder to find collisions for two checksums than for one,
apt should use both of them at the same time for verifying packages.

Reply to:

Prev by Date: Bug#423766: apt: [INTL:eu] Basque program translation update
Next by Date: Processed: tagging 423766
Previous by thread: Bug#413551: #413551: apt-cache randomly abort on std::bad_alloc
Next by thread: Processed: tagging 423766
Index(es):
- Date
- Thread