Opened 8 years ago
Closed 8 years ago
#16391 closed defect (invalid)
Installation MSI files are still signed with SHA1 and not SHA256
| Reported by: | talr | Owned by: | |
|---|---|---|---|
| Component: | installer | Version: | VirtualBox 5.1.0 |
| Keywords: | Cc: | ||
| Guest type: | Linux | Host type: | Windows |
Description
The MSI files for vbox 4.3.40 & 5.1 (only checked these) are only signed with SHA1 where as files such as common.cab is signed also with SHA256
for example: VirtualBox-5.1.0-108711-Win.exe --extract look inside %temp%\Virtualbox\
see files signature: VirtualBox-5.1.0-r108711-MultiArch_amd64.msi VirtualBox-5.1.0-r108711-MultiArch_x86.msi
Note:
See TracTickets
for help on using tickets.
VirtualBox 4.3.x is no longer supported. For VirtualBox 5.1.x (and 5.0.x) please install the latest available package of this branch as older packages may contain security bugs. The files from VirtualBox 5.1.12 and 5.0.30 are signed with both SHA1 and SHA256.