SRU request. Evolution on 10.04 LTS only supports SHA1 for the next 3 years. SHA2 would be nice.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
evolution (Ubuntu) |
Fix Released
|
Low
|
Unassigned |
Bug Description
Binary package hint: evolution
In the title I mean SRU not SRA.
For the next 3 years Ubuntu 10.04 LTS will only be able to support the SHA1 cipher. Thats 3 long years of using a broken and useless cipher. What are the options for those who require an LTS, there are no options. Upgrading to a non-LTS release defeats the purpose of using an LTS. I am very aware that hell would freeze over before this SRU request would be accepted. It's too bad that the SHA1 patch came too late for 10.04. I don't how easy an attack against SHA1 would be, would it be acceptable to wait 3 years if attacks against SHA1 are still hard enough as to not worry about it?
If SHA1 attacks are trivial, then would Ubuntu please consider an SRU.
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: evolution 2.28.3-0ubuntu10
ProcVersionSign
Uname: Linux 2.6.32-24-generic x86_64
Architecture: amd64
CheckboxSubmission: f28209556208bad
CheckboxSystem: 6ce041aeed0a2c1
Date: Sat Sep 11 12:12:56 2010
ExecutablePath: /usr/bin/evolution
InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100427.1)
ProcEnviron:
SHELL=/bin/bash
LANG=en_US.utf8
SourcePackage: evolution
Ah crap, in the title I mean SRU not SRA.