Control: tags 700266 + fixed-upstream
To be closed in a future release - or today in upstream Gitlab commit
https://gitlab.com/fetchmail/fetchmail/-/commit/f67145650151ad0bab36e347a6ed73bd0be278f6
Hello,
Jakub Wilk, on dim. 10 févr. 2013 19:03:42 +0100, wrote:
> The --sslfingerprint accepts only MD5 fingerprints. MD5 should be considered
> cryptographically broken. Please at least add the possibility to specify
> SHA-1 fingerprints.
And I'd say SHA-256 too, now :)
Samuel
Thanks for mentioning this.
This will not be fixed in a 6.X version for compatibility reasons.
(I might fix the manual page for 6.3.25 though.)
I am not tagging "wontfix" because I do intend to fix this for the
future 7.0.X series.
We'd also need to add support for multiple fingerprints (for fai
Package: fetchmail
Version: 6.3.22-2
Severity: important
Tags: security
The --sslfingerprint accepts only MD5 fingerprints. MD5 should be
considered cryptographically broken. Please at least add the possibility
to specify SHA-1 fingerprints.
(As a side note, the manpage says that MD5 "is the
4 matches
Mail list logo
