gpgv: Untrust SHA1, RIPE-MD/160, but allow downgrading to weak

Change the trust level check to allow downgrading an Untrusted option to weak (APT::Hashes::SHA1::Weak "yes";), so it prints a warning instead of an error; and change the default values for SHA1 and RIPE-MD/160 from Weak to Untrusted.
author: Julian Andres Klode <jak@debian.org> 2016-11-25 13:12:28 +0100
committer: Julian Andres Klode <jak@debian.org> 2016-11-25 23:45:19 +0100
commit: 33d7a8d672c8c720947e81158de4a5a07be05b72 (patch)
tree: ffb291b59f965e12ea2749a7c16728c941eb4cfc /debian/NEWS
parent: 250687865e2d27dc949b810e59b07161a4c8f762 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/debian/NEWS b/debian/NEWS
index 934391456..2c2b33c10 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,3 +1,21 @@
+apt (1.4~beta1) UNRELEASED; urgency=medium
+
+  Support for GPG signatures using the SHA1 or RIPE-MD/160 hash
+  algorithms has been disabled. Repositories using Release files
+  signed in such a way will stop working. This change has been made
+  due to security considerations, especially with regards to possible
+  further breakthroughs in SHA1 breaking during the lifetime
+  of this APT release series.
+
+  It is possible (but STRONGLY ADVISED AGAINST) to revert to the previous
+  behaviour by setting the options
+    APT::Hashes::SHA1::Weak "yes";
+    APT::Hashes::RIPE-MD/160::Weak "yes";
+  Note that setting these options only affects the verification of the overall
+  repository signature.
+
+ -- Julian Andres Klode <jak@debian.org>  Fri, 25 Nov 2016 13:19:32 +0100
+
 apt (1.2~exp1) experimental; urgency=medium
 
   [ Automatic removal of debs after install ]
author	Julian Andres Klode <jak@debian.org>	2016-11-25 13:12:28 +0100
committer	Julian Andres Klode <jak@debian.org>	2016-11-25 23:45:19 +0100
commit	33d7a8d672c8c720947e81158de4a5a07be05b72 (patch)
tree	ffb291b59f965e12ea2749a7c16728c941eb4cfc /debian/NEWS
parent	250687865e2d27dc949b810e59b07161a4c8f762 (diff)