View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001551 | SkyChart | 1-Software | public | 16-09-17 11:34 | 17-01-14 15:56 |
| Reporter | Eric Magnien | Assigned To | Patrick Chevalley | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Platform | Linux 64 bits | OS | Ubuntu | OS Version | 16.04 |
| Product Version | 3.11 SVN | ||||
| Target Version | 4.0 | ||||
| Summary | 0001551: Clé de sécurité jugée faible par Synaptic | ||||
| Description | J'ai suivi la procédure d'installation pour Ubuntu décrite dans la documentation. A chaque mise à jour du dépôt via synaptic, j'ai ce message suivant qui s'affiche : W: http://www.ap-i.net/apt/dists/unstable/InRelease: Signature by key 5247B5CB921337EBBEFB0A5FC56CCB02D79BF92A uses weak digest algorithm (SHA1) Ça ne m'empêche pas de mettre à jour skychart, mais je pense à tous ceux qui débutent sous linux, qu'un tel message d'avertissement pourrait faire peur... | ||||
| Steps To Reproduce | mise à jour via le logiciel synaptic | ||||
| Tags | No tags attached. | ||||
|
|
Oui, c'est une nouveauté de Debian qui vient d'arriver sur Ubuntu 16.04: https://wiki.debian.org/Teams/Apt/Sha1Removal Je vais remplacer la clé mais le problème c'est que ça va casser toutes les mises à jours existantes. J'attend donc la release de la version 4.0 pour le faire et l'annoncer. |
|
|
First step done, a new key is generated and tomorrow beta version install it in the apt keyring. Beta version ("deb http://www.ap-i.net/apt unstable main") will be switched to the new key in a few weeks. |
|
|
Will be definitively resolved during the release of 4.0 using the following procedure: - release 4.0 signed by the old key, include a postinst to install the new key if it is not already installed. - update the install instruction to refer to the new key only. - a few week later sign the repo with the new key. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 16-09-17 11:34 | Eric Magnien | New Issue | |
| 16-09-18 19:28 | Patrick Chevalley | Note Added: 0003377 | |
| 16-09-18 19:28 | Patrick Chevalley | Assigned To | => Patrick Chevalley |
| 16-09-18 19:28 | Patrick Chevalley | Status | new => confirmed |
| 16-09-18 19:28 | Patrick Chevalley | Target Version | => 4.0 |
| 16-09-18 22:52 | Patrick Chevalley | Note Added: 0003378 | |
| 17-01-14 15:56 | Patrick Chevalley | Status | confirmed => resolved |
| 17-01-14 15:56 | Patrick Chevalley | Resolution | open => fixed |
| 17-01-14 15:56 | Patrick Chevalley | Note Added: 0003529 |
