Re: [PATCH] Use sha256 for hashes in the release process

Mirror of the gdb-patches mailing list
 help / color / mirror / Atom feed

From: Simon Marchi <simark@simark.ca>
To: andreas@rammhold.de, gdb-patches@sourceware.org,
	Binutils <binutils@sourceware.org>
Subject: Re: [PATCH] Use sha256 for hashes in the release process
Date: Sun, 25 Oct 2020 22:24:59 -0400	[thread overview]
Message-ID: <2dcb2118-bd61-de63-60cb-e86abab0756e@simark.ca> (raw)
In-Reply-To: <20201026013347.6250-1-andreas@rammhold.de>

On 2020-10-25 9:33 p.m., andreas@rammhold.de wrote:

The binutils mailing list should be included in this patch (I added it
in this message).  See here for the patch:

    https://sourceware.org/pipermail/gdb-patches/2020-October/172848.html

> From: Andreas Rammhold <andreas@rammhold.de>
>
> I just came across the GDB 10.1 release notes and saw that md5 is still
> being used in those. I thought it would be a good idea to instead have a
> more modern, secure and wildly available hash function such as SHA256 as
> part of the release process.
>
> The changes have been done rather mechnically via sed but executing the
> `src-release.sh -b gdb` did work so I am confident about the result.
>
> While this does not directly address the release mails, as I was wasn't
> able to find the template/script used for those, this is probably still
> an improvement.

That sounds good to me.  I'm sure an argument against that will be that
it will break some people's scripts.  But in this case, I think a small
change like that (easy to adjust to), that impacts security (although
still a theoritical risk) is reasonable.

I am also not the one who does releases for GDB (nor binutils), so I
don't know what else this would impact.

> @@ -168,15 +168,15 @@ do_proto_toplev()
>
>  CVS_NAMES='-name CVS -o -name .cvsignore'
>
> -# Add an md5sum to the built tarball
> -do_md5sum()
> +# Add an sha256sum to the built tarball

Nit: an -> a

Simon

next prev parent reply	other threads:[~2020-10-26  2:25 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-26  1:33 andreas
2020-10-26  2:24 ` Simon Marchi [this message]
2020-10-26  3:04   ` andreas
2020-10-26  7:46   ` Andreas Schwab
2020-10-26 12:53     ` Simon Marchi
2020-10-26 13:31       ` Andreas Schwab
2020-10-26 14:10         ` Simon Marchi
2020-10-26 14:20           ` Andreas Schwab

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2dcb2118-bd61-de63-60cb-e86abab0756e@simark.ca \
    --to=simark@simark.ca \
    --cc=andreas@rammhold.de \
    --cc=binutils@sourceware.org \
    --cc=gdb-patches@sourceware.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox