[Bug 1313388] Re: dist-upgrade uses weak (1024D) signing keys
Brian Murray
brian at ubuntu.com
Tue Apr 29 16:18:06 UTC 2014
** Changed in: update-manager (Ubuntu)
Importance: Undecided => Medium
** Changed in: update-manager (Ubuntu)
Status: Confirmed => Triaged
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to update-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1313388
Title:
dist-upgrade uses weak (1024D) signing keys
Status in “update-manager” package in Ubuntu:
Triaged
Bug description:
By default, System Settings > Software & Updates > Authentication
contains two 1024D keys from 2004 and two 4096R keys from 2012.
Removing the 1024D keys causes a dist-upgrade from Saucy to Trusty to
fail authentication, so they are evidently still used.
Debian considers 1024D keys weak and is in the process of removing
them: https://lists.debian.org/debian-devel-
announce/2014/03/msg00003.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1313388/+subscriptions
More information about the foundations-bugs
mailing list