Evolution forces SHA1 cipher for PGP signatures
Bug #381290 reported by
Daniel Silverstone
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Evolution |
Invalid
|
Undecided
|
Unassigned | ||
evolution-data-server |
Fix Released
|
Medium
|
|||
evolution-data-server (Ubuntu) |
Fix Released
|
Medium
|
Ubuntu Desktop Bugs |
Bug Description
Binary package hint: evolution
When sending a PGP signed message in Evolution, the signature algorithm is locked down to SHA1.
With the recent concern about SHA1 signatures, many people, including myself, are migrating to new GPG keys and SHA256 or SHA512 signatures by default. However those of us who use Evolution are unable to migrate properly yet because Evolution fails us in this respect.
Changed in evolution: | |
status: | Unknown → Confirmed |
affects: | evolution (Ubuntu) → evolution-data-server (Ubuntu) |
Changed in evolution: | |
importance: | Unknown → Undecided |
status: | Confirmed → New |
status: | New → Invalid |
Changed in evolution-data-server: | |
status: | Unknown → Confirmed |
Changed in evolution-data-server: | |
status: | Confirmed → Fix Released |
tags: | added: patch-accepted-upstream |
Changed in evolution-data-server: | |
importance: | Unknown → Medium |
To post a comment you must log in.
This attached patch stops the Evolution composer from *forcing* SHA1, instead allowing camel to choose the default cipher, whatever that might be.
This does not fully solve the problem but is the first step along the way.