SHA256SUMS signed with SHA1

Bug #869330 reported by Chris West
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Ubuntu CD Images
Fix Released
High
Colin Watson

Bug Description

The signature on, e.g. http://cdimage.ubuntu.com/releases/oneiric/beta-2/SHA256SUMS.gpg , uses the SHA1 digest algorithm. This entirely removes any additional security offered by having SHA256SUMS in the first place.

Please migrate the signing procedure to use SHA256, at least for SHA256SUMS.

http://www.debian-administration.org/users/dkg/weblog/48 has simple instructions, and also a motivation for doing so. Note that this article is over two years old, and research into SHA1 has progressed significantly since then.

% curl http://cdimage.ubuntu.com/releases/oneiric/beta-2/SHA256SUMS.gpg | gpg -v
Please enter name of data file: /dev/null
...
gpg: binary signature, digest algorithm SHA1

(Also, why are there "MD5SUMS-metalink", but no secure sums for the metalink files? Not as much of a security issue as the resultant files from the metalink downloads should be verified anyway.)

Revision history for this message
Colin Watson (cjwatson) wrote :

This will require migrating to a new non-DSA signing key (and signing with both old and new keys for a while). We should probably do that anyway, but the new key will need to be signed by the Ubuntu master signing key, which will take some organisation to arrange.

Regarding MD5SUMS-metalink, I think it would be helpful if you could file a separate bug for that, as that's related to code in Wubi.

Changed in ubuntu-cdimage:
status: New → Triaged
importance: Undecided → High
Revision history for this message
Colin Watson (cjwatson) wrote :

This is finally fixed, and sorry for the delay:

cdimage@nusakan:~/cdimage/www/simple/trusty$ gpg --verbose --verify SHA256SUMS.gpg SHA256SUMS
gpg: armor header: Version: GnuPG v1.4.11 (GNU/Linux)
gpg: Signature made Thu Nov 12 00:49:55 2015 UTC using DSA key ID FBB75451
gpg: using classic trust model
gpg: Good signature from "Ubuntu CD Image Automatic Signing Key <email address hidden>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: C598 6B4F 1257 FFA8 6632 CBA7 4618 1433 FBB7 5451
gpg: binary signature, digest algorithm SHA512
gpg: Signature made Thu Nov 12 00:49:55 2015 UTC using RSA key ID EFE21092
gpg: Good signature from "Ubuntu CD Image Automatic Signing Key (2012) <email address hidden>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092
gpg: binary signature, digest algorithm SHA512

Changed in ubuntu-cdimage:
assignee: nobody → Colin Watson (cjwatson)
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.