[Bug 1313388] Re: dist-upgrade uses weak (1024D) signing keys
Seth Arnold
1313388 at bugs.launchpad.net
Mon Apr 28 18:13:22 UTC 2014
Migrating away from 1024D keys sounds like a great idea. Thanks.
** Information type changed from Private Security to Public Security
** Changed in: update-manager (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to update-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1313388
Title:
dist-upgrade uses weak (1024D) signing keys
Status in “update-manager” package in Ubuntu:
Confirmed
Bug description:
By default, System Settings > Software & Updates > Authentication
contains two 1024D keys from 2004 and two 4096R keys from 2012.
Removing the 1024D keys causes a dist-upgrade from Saucy to Trusty to
fail authentication, so they are evidently still used.
Debian considers 1024D keys weak and is in the process of removing
them: https://lists.debian.org/debian-devel-
announce/2014/03/msg00003.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1313388/+subscriptions
More information about the foundations-bugs
mailing list