Hello Rob,

There’s already been an issue open for a year in the Bacula bug tracker:

https://gitlab.bacula.org/bacula-community-edition/bacula-community/-/issues/2681

Up to now, I haven’t seen any progress or plan to fix this issue; this is
why I’ve built my own binaries.

If nobody from the Bacula side provides a “fix”, I will simply share the rpm I
have built on my own.

Let’s wait a couple of days to see if something happens.

I’ll keep you posted.

Best regards

Davide

On Thu, May 9, 2024 at 17:37 Rob Gerber <r...@craeon.net> wrote:

> Hello,
>
> The bacula community repo currently signs their packages with a SHA1 key.
> SHA1 is deprecated in EL9 onwards, and poses a security risk that only
> increases over time.
>
> Do the community package maintainers have any plans to update the package
> signing process to use a SHA256 or greater SHA cipher? This would be a good
> move for a project which positions itself in the enterprise software space.
>
> I appreciate that this change would entail change and difficulty, and that
> there might be some downsides for users of older bacula distributions, or
> for those who have previously installed bacula using an older key. I do not
> know if it is possible to sign a package with both the old SHA1 key and a
> newer SHA256+ key (I suspect not, but this isn't my field of expertise).
>
> Given that bacula 15.x is in beta, this might be a good time to sign the
> next 15.x release with a new SHA256+ key, so at least packages 15.x onwards
> are signed with a more secure cipher standard.
>
> Here is a brief writeup on the subject. I hope it is useful.
>
> https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9
>
> Regards,
> Robert Gerber
> 402-237-8692
> r...@craeon.net
> _______________________________________________
> Bacula-users mailing list
> Bacula-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bacula-users
>