Re: sha1 policy not updated in rawhide

2024-07-19 Thread Zbigniew Jędrzejewski-Szmek
On Thu, Jul 18, 2024 at 08:00:05PM +0200, Miro Hrončok wrote: > On 18. 07. 24 19:52, Zbigniew Jędrzejewski-Szmek wrote: > > On Thu, Jul 18, 2024 at 03:49:11PM +0200, Alexander Sosedkin wrote: > > > On Thu, Jul 18, 2024 at 3:26 PM Zbigniew Jędrzejewski-Szmek > > > wrote: > > > > We recently noticed

Re: sha1 policy not updated in rawhide

2024-07-18 Thread Miro Hrončok
On 18. 07. 24 19:52, Zbigniew Jędrzejewski-Szmek wrote: On Thu, Jul 18, 2024 at 03:49:11PM +0200, Alexander Sosedkin wrote: On Thu, Jul 18, 2024 at 3:26 PM Zbigniew Jędrzejewski-Szmek wrote: We recently noticed in systemd upstream that sha1 signing is _not_ failing in rawhide. And indeed, the

Re: sha1 policy not updated in rawhide

2024-07-18 Thread Zbigniew Jędrzejewski-Szmek
On Thu, Jul 18, 2024 at 03:49:11PM +0200, Alexander Sosedkin wrote: > On Thu, Jul 18, 2024 at 3:26 PM Zbigniew Jędrzejewski-Szmek > wrote: > > We recently noticed in systemd upstream that sha1 signing is _not_ > > failing in rawhide. And indeed, the default crypto policy has > > not been updated t

Re: sha1 policy not updated in rawhide

2024-07-18 Thread Alexander Sosedkin
On Thu, Jul 18, 2024 at 3:26 PM Zbigniew Jędrzejewski-Szmek wrote: > We recently noticed in systemd upstream that sha1 signing is _not_ > failing in rawhide. And indeed, the default crypto policy has > not been updated to disallow sha1 signatures in rawhide yet. If this > is supposed to happen for

Re: sha1 policy not updated in rawhide

2024-07-18 Thread Zbigniew Jędrzejewski-Szmek
On Thu, Jul 18, 2024 at 03:37:13PM +0200, Alexander Sosedkin wrote: > Did your testing include this update from yesterday? > https://bodhi.fedoraproject.org/updates/FEDORA-2024-1f014d035e It didn't. So it seems all good, thanks. (I think this update didn't make it out into a compose yet, but it'l

Re: sha1 policy not updated in rawhide

2024-07-18 Thread Alexander Sosedkin
Did your testing include this update from yesterday? https://bodhi.fedoraproject.org/updates/FEDORA-2024-1f014d035e On Thu, Jul 18, 2024 at 3:26 PM Zbigniew Jędrzejewski-Szmek wrote: > > Hi, > > We recently noticed in systemd upstream that sha1 signing is _not_ > failing in rawhide. And indeed, t

sha1 policy not updated in rawhide

2024-07-18 Thread Zbigniew Jędrzejewski-Szmek
Hi, We recently noticed in systemd upstream that sha1 signing is _not_ failing in rawhide. And indeed, the default crypto policy has not been updated to disallow sha1 signatures in rawhide yet. If this is supposed to happen for F41, it should have happened before the mass rebuild so that we don't