This is an automated email from the git hooks/post-receive script.

guillem pushed a commit to branch main
in repository dpkg.

View the commit online:
https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=3c42b0ed7f3c5a762f912583a033733ec9c0e7bf

commit 3c42b0ed7f3c5a762f912583a033733ec9c0e7bf (HEAD -> main)
Author: Guillem Jover <[email protected]>
AuthorDate: Fri Dec 23 22:31:22 2022 +0100

    Dpkg::OpenPGP::Backend::GnuPG: Set secure signing preferred algorithms
    
    The current GnuPG defaults with --openpgp cater for heavy backwards
    compatibility at the cost of being insecure but potentially being
    compatible with very old programs.
    
    We care more about secure defaults than backwards compatibility with
    ancient programs, so we pass our preferences to gpg when signing. This
    should also cover the case for users that have created old keys with
    insecure key preferences which might end up producing insecure
    signatures.
    
    Fixes: commit b83114daa69c50d368199d00fbb67e190068b273
    Closes: #1028961
---
 scripts/Dpkg/OpenPGP/Backend/GnuPG.pm | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm b/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm
index 09cd54d0d..015e56e57 100644
--- a/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm
+++ b/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm
@@ -257,7 +257,10 @@ sub inline_sign {
     my @exec = ($self->{cmd});
     push @exec, _gpg_options_weak_digests();
     push @exec, qw(--utf8-strings --textmode --armor);
+    # Set conformance level.
     push @exec, '--openpgp';
+    # Set secure algorithm preferences.
+    push @exec, '--personal-digest-preferences', 'SHA512 SHA384 SHA256 SHA224';
     if ($key->type eq 'keyfile') {
         # Promote the keyfile keyhandle to a keystore, this way we share the
         # same gpg-agent and can get any password cached.
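Review bot: The comment on the added `--personal-digest-preferences` line does not record that its position after `--openpgp` matters, nor that the list is a preference rather than a requirement. The gpg manual describes `--openpgp` as resetting digest options, so a later reorder of these `push` lines could plausibly undo the setting; this is worth confirming against the gpg versions dpkg supports. Nothing visible in this hunk checks which digest the produced signature actually used, so a test that signs with a key carrying old preferences and inspects the resulting hash would pin the intent. I would expand the comment to something like `# Must follow --openpgp; preferred (not enforced) signing digests, strongest first.` The body of inline_sign continues outside the hunk, so any other gpg signing invocation in the module may need the same option.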

-- 
Dpkg.Org's dpkg
