On Thu, 2007-06-14 at 00:32 -0400, Jim Popovitch wrote:
> What's up with security.debian.org? Apt is missing it. ;-)
Of course, as soon as I send the email
disregard previous email, apologies.
-Jim P.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble
What's up with security.debian.org? Apt is missing it. ;-)
-Jim P.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Tue, Jun 12, 2007 at 07:39:38PM -0400, Joey Hess wrote:
> Bernd Eckenfels wrote:
> > Because open source is all about choice.
>
> So it's there because of a platitude?
>
> > There might be admins using dpkg -i
> > or security officers who build their local mirrors manually.
>
> Then why don't
On Wed, Jun 13, 2007 at 11:14:15PM +0200, Steffen Schulz wrote:
On 070613 at 10:43, Florian Weimer wrote:
> AND the fact that it needs to be a valid .deb archive, they are
> probably more than strong enough.
This is actually not much of a problem:
http://www.cits.rub.de/MD5Collisions/
One ex
On 070613 at 10:43, Florian Weimer wrote:
> > AND the fact that it needs to be a valid .deb archive, they are
> > probably more than strong enough.
This is actually not much of a problem:
http://www.cits.rub.de/MD5Collisions/
One example how to create two files with same hash that act
differentl
* Henrique de Moraes Holschuh:
>> Size information doesn't buy you that much.
>
> When we are talking about a binary blob that matches the *same* md5sum? Yes,
> it does. Causing a MD5 colision with a message of the same size is far more
> difficult.
Oh, in this case, please show us a collision o
Mike Hommey wrote:
On Wed, Jun 13, 2007 at 10:37:26AM -0300, Henrique de Moraes Holschuh <[EMAIL
PROTECTED]> wrote:
On Wed, 13 Jun 2007, Florian Weimer wrote:
On Tue, 12 Jun 2007, Touko Korpela wrote:
Debian Security Advisories currently contain MD5 checksums. As MD5 is no
longer strong enoug
On Tuesday 12 June 2007 22.41:23 Touko Korpela wrote:
> Debian Security Advisories currently contain MD5 checksums. As MD5 is no
> longer strong enough, maybe it should be replaced by SHA1 or SHA256?
Strong enough for what?
You can get an md5 collision quite easily, but is 2nd preimage also broke
On Wed, Jun 13, 2007 at 10:37:26AM -0300, Henrique de Moraes Holschuh <[EMAIL
PROTECTED]> wrote:
> On Wed, 13 Jun 2007, Florian Weimer wrote:
> > > On Tue, 12 Jun 2007, Touko Korpela wrote:
> > >> Debian Security Advisories currently contain MD5 checksums. As MD5 is no
> > >> longer strong enough
On Wed, 13 Jun 2007, Florian Weimer wrote:
> > On Tue, 12 Jun 2007, Touko Korpela wrote:
> >> Debian Security Advisories currently contain MD5 checksums. As MD5 is no
> >> longer strong enough, maybe it should be replaced by SHA1 or SHA256?
> >
> > When combined with size information
>
> Size in
* Henrique de Moraes Holschuh:
> On Tue, 12 Jun 2007, Touko Korpela wrote:
>> Debian Security Advisories currently contain MD5 checksums. As MD5 is no
>> longer strong enough, maybe it should be replaced by SHA1 or SHA256?
>
> When combined with size information
Size information doesn't buy you
11 matches
Mail list logo
