All SHA256 after 'feisty' are wrong, we are using apt_pkg.sha256sum() to
generate them and it is broken (!)
{{{
>>> import apt_pkg
>>> apt_pkg.sha256sum(open('Packages.gz').read())
'baa89858c7e545390273530ba63c61b94c2e09d38c28b0a0311bfa7bde396181'
>>>
>>> from subprocess import call
>>> call(['sha256sum', 'Packages.gz'])
5b906ae167349ecd6699f39ed22e9e98221f780f3a6b15b6443d11b8726270ff Packages.gz
0
>>>
>>> from Crypto.Hash import SHA256
>>> print SHA256.new(open('Packages.gz').read()).hexdigest()
5b906ae167349ecd6699f39ed22e9e98221f780f3a6b15b6443d11b8726270ff
}}}
--
Hardy release files contain invalid SHA256 signatures.
https://bugs.launchpad.net/bugs/243630
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
