First Last Prev Next    This bug is not in your last search results.
Bug 42011 - ucc cool solutions package repo release signatures have weak digest algorithm
ucc cool solutions package repo release signatures have weak digest algorithm
Status: CLOSED WONTFIX
Product: Z_Univention Corporate Client (UCC)
Classification: Unclassified
Component: General
UCC 3.0
Other Linux
: P5 normal
: ---
Assigned To: UCC maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-08-16 15:43 CEST by Felix Botner
Modified: 2023-06-28 10:32 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.069
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Felix Botner univentionstaff 2016-08-16 15:43:18 CEST 
With UCC 3.0, SHA1 for release signatures is no longer supported


-> more /etc/apt/sources.list.d/ucc.list 
...
deb http://ucc.software-univention.de/unmaintained/component/ ucc-coolsolutions/all/
deb http://ucc.software-univention.de/unmaintained/component/ ucc-coolsolutions/i386/

-> apt-get update
...
W: http://ucc.software-univention.de/unmaintained/component/ucc-coolsolutions/all/Release.gpg: Signature by key D523B8FD547C464C9EA89D5B5E9F163B66AA3A17 uses weak digest algorithm (SHA1)
W: http://ucc.software-univention.de/unmaintained/component/ucc-coolsolutions/i386/Release.gpg: Signature by key D523B8FD547C464C9EA89D5B5E9F163B66AA3A17 uses weak digest algorithm (SHA1)

see https://juliank.wordpress.com/2016/03/14/dropping-sha-1-support-in-apt/
Comment 1 Philipp Hahn univentionstaff 2023-06-28 10:30:25 CEST 
UCC is EoL
First Last Prev Next    This bug is not in your last search results.