groovy-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jim northrop <james.b.north...@googlemail.com>
Subject Re: Release Apache Groovy 2.4.7
Date Sat, 04 Jun 2016 08:53:35 GMT
what does this mean to the avg hacker ? do we need to fix our kit anyway ?

On 4 June 2016 at 10:50, Russel Winder <russel@winder.org.uk> wrote:

> On Fri, 2016-06-03 at 16:20 -0700, Konstantin Boudnik wrote:
> > +1 [binding]
> >
> > signature is ok
> > sha1 is ok
> > rat is ok
> > builds and produces functional binaries
> >
> > One small note: sha1 and md5 aren't considered secure, it'd make
> > sense to
> > switch into gpg generated checksums, perhaps. I can work on that in
> > the next a
> > couple of days, I guess
> >
>
> Just to back this up, Debian now effectively refuses to recognize SHA1
> signatures for things. SHA256 or SHA512.
>
> --
> Russel.
>
> =============================================================================
> Dr Russel Winder      t: +44 20 7585 2200   voip:
> sip:russel.winder@ekiga.net
> 41 Buckmaster Road    m: +44 7770 465 077   xmpp: russel@winder.org.uk
> London SW11 1EN, UK   w: www.russel.org.uk  skype: russel_winder

Mime
View raw message