Public bug reported: After installation, quassel-core generates a 1024-bit certificate using the SHA1 hash. Both of these are considered deprecated and somewhat insecure. The attached patch updates the postinst script to generate a 4096-bit certificate using the SHA256 hash instead.
The SHA256 certificate will not cause any compatibility problems because OpenSSL 1.0.0 and later support SHA256 certificates. All supported versions of Ubuntu and Debian have at least 1.0.1 and the supported Windows and Mac builds of Quassel are additionally compiled with a recent enough version to support the SHA256 certificate. ** Affects: quassel (Ubuntu) Importance: Undecided Status: New ** Patch added: "certificate.debdiff" https://bugs.launchpad.net/bugs/1455990/+attachment/4399156/+files/certificate.debdiff ** Summary changed: - Quasselcore generates an insecure certificate upon installation + quassel-core generates an insecure certificate upon installation -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1455990 Title: quassel-core generates an insecure certificate upon installation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/1455990/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs