Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[build] Sign debs with sha512 #8002

Merged
merged 1 commit into from
Aug 22, 2016
Merged

[build] Sign debs with sha512 #8002

merged 1 commit into from
Aug 22, 2016

Conversation

jbudz
Copy link
Member

@jbudz jbudz commented Aug 15, 2016

Debian/ubuntu will be disabling support for release files signed with sha1 in the future, and currently a warning is shown. This makes sure the release file is signed using sha512. Closes #7992.

See https://wiki.debian.org/Teams/Apt/Sha1Removal

@jbudz
Copy link
Member Author

jbudz commented Aug 18, 2016

jenkins, test this

@epixa
Copy link
Contributor

epixa commented Aug 20, 2016

LGTM

@thomasneirynck thomasneirynck self-assigned this Aug 22, 2016
@thomasneirynck
Copy link
Contributor

LGTM

@thomasneirynck thomasneirynck removed their assignment Aug 22, 2016
@jbudz jbudz merged commit a254b7e into elastic:master Aug 22, 2016
elastic-jasper added a commit that referenced this pull request Aug 22, 2016
@elastic-jasper
Backport PR #8002
d921b15 
---------

**Commit 1:**
[build] Sign debs with sha512

* Original sha: 71b3f58
* Authored by Jonathan Budzenski <[email protected]> on 2016-08-15T14:34:53Z
elastic-jasper added a commit that referenced this pull request Aug 22, 2016
@elastic-jasper
Backport PR #8002
cd938e1 
---------

**Commit 1:**
[build] Sign debs with sha512

* Original sha: 71b3f58
* Authored by Jonathan Budzenski <[email protected]> on 2016-08-15T14:34:53Z
This was referenced Aug 22, 2016
Merged
Merged
jbudz added a commit that referenced this pull request Aug 22, 2016
@jbudz
Merge pull request #8045 from elastic/jasper/backport/8002/4.5
73d7dc6 
[backport] PR #8002 to 4.5
jbudz added a commit that referenced this pull request Aug 22, 2016
@jbudz
Merge pull request #8046 from elastic/jasper/backport/8002/4.x
c019020 
[backport] PR #8002 to 4.x
@cwhsu1984
Copy link

Hi,

my os is ubuntu 16.04
Is this issue fixed?

W: http://packages.elastic.co/kibana/4.5/debian/dists/stable/Release.gpg: Signature by key 46095ACC8548582C1A2699A9D27D666CD88E42B4 uses weak digest algorithm (SHA1)
W: GPG error: http://ppa.launchpad.net/webupd8team/java/ubuntu xenial InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C2518248EEA14886
W: The repository 'http://ppa.launchpad.net/webupd8team/java/ubuntu xenial InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

@epixa
Copy link
Contributor

epixa commented Nov 1, 2016

@cwhsu1984 This issue is fixed in 5.0.0 GA, but you need to remove the 5.x-prerelease repo and replace it with the 5.x repo in order to get GA instead of RC1.

Delete or empty /etc/apt/sources.list.d/kibana.list, then follow the instructions on https://www.elastic.co/guide/en/kibana/current/deb.html#deb-repo

airow pushed a commit to airow/kibana that referenced this pull request Feb 16, 2017
@jbudz
Merge pull request elastic#8002 from jbudz/issues/7992
d8e1457 
[build] Sign debs with sha512

Former-commit-id: a254b7e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
review v4.6.0 v5.0.0-beta1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jbudz @epixa @thomasneirynck @cwhsu1984