[Slackbuilds-users] MD5 hash sums
thyr at airmail.cc
thyr at airmail.cc
Tue Aug 21 11:32:32 UTC 2018
Hello.
I have a question about DOWNLOAD and MD5SUM variables in the
<package>.info files.
As this page https://www.gnupg.org/faq/weak-digest-algos.html states:
> It is better to entirely avoid the MD5 algorithm and don't put any
> value in signatures based on MD5.
Would that be a valid concern for the .info files?
A lot of DOWNLOAD links are plain http ones and thus are suspectible to
MITM tinkering on the ISP side...
More information about the SlackBuilds-users
mailing list