We should move to something more secure than md5 for the uploaded sources.

This patch series implements the server-side part of this change, adding
support for sha512, but keeping support for md5 as a fallback for now.

We might want to drop the md5 fallback once we have migrated completely, that
is when fedpkg has been updated too.

The last patch is unrelated, but it's a fix for a problem I found while
testing this change.

https://fedorahosted.org/rel-eng/ticket/5846

_______________________________________________
infrastructure mailing list
infrastructure@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

Reply via email to