On Fri, 3 Mar 2023 at 15:56, Ben Cotton <bcot...@redhat.com> wrote: > The current target release date is the early target date (2023-03-14). > The Go/No-Go meeting will be Thursday! > > Action summary > ==================== > > Accepted blockers > ----------------- > > 1. distribution — Workstation boot x86_64 image exceeds maximum size — POST > ACTION: gdb maintainers to remove the 'Recommends' for gcc-gdb-plugin from > gdb > > 2. crypto-policies — Insecure installed RPMs (like Google Chrome) > prevent system updates in F38, can't be removed — NEW > ACTION: Upstream to implement MR #129 > > > 2. crypto-policies — https://bugzilla.redhat.com/show_bug.cgi?id=2170878 > — NEW > Insecure installed RPMs (like Google Chrome) prevent system updates in > F38, can't be removed > > Some third-party repos (including Google Chrome) that sign packages > with SHA-1 cannot be uninstalled, which breaks upgrades. This was > designated a blocker by FESCo. Work is in progress upstream to allow > RPM to permit SHA-1 in the default policy while third-party repos > update to a supported hash function: > > https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/merge_requests/129
I think the issue is 'larger' than SHA-1. Google Chrome and some other 3rd party software seem to be signed with keys which are both SHA1 and DSA keys. Either one of these would cause the problem with not being able to update/uninstall/etc and since one is a checksum and the other is an encryption type need possibly different solutions. -- Stephen Smoogen, Red Hat Automotive Let us be kind to one another, for most of us are fighting a hard battle. -- Ian MacClaren
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue