Arch Linux

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#39210 - The default integrity check algorithm used by makepkg is MD5.

Attached to Project: Arch Linux
Opened by Wyatt J. Brown (sushidude) - Friday, 07 March 2014, 02:51 GMT
Last edited by Allan McRae (Allan) - Friday, 07 March 2014, 04:31 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To No-one
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 2
Private No


Since the year 1996 multiple fatal flaws in the MD5 message-digest algorithm have been discovered, as such it is commonly known among cryptographers that it is unsuitable for applications such as digital signatures.

Unfortunately, the default option in /etc/makepkg.conf on line 86 defines MD5 as the default integrity check algorithm.

The integrity check algorithm is not just for verifying if a source file has been corrupted in transfer when running makepkg on a PKGBUILD, it is also used as an additional layer of security. Many upstream developers do not use HTTPS or sign their source code with PGP, and when a user is building a package from such a developer they are vulnerable to a man in the middle attack when MD5 is used.

Concerns have been raised that using a proper SHA-2 based algorithm such as SHA-512 or SHA-256 would present a performance issue on low power computers. However, the speed difference between SHA-2 algorithms and MD5 is extremely negligible even when hashing files orders of magnitudes larger than what common source files are. These integrity checks are also only used when building packages, not when installing them.

There are two steps to addressing this issue. First, line 86 in /etc/makepkg.conf in the pacman package should be changed to the following line.
Second, all PKGBUILD scripts should be updated to include SHA-512 hashes and remove the MD5 and or SHA-1 hashes. This includes those in the official repositories and especially the Arch User Repository. In order to enforce this policy on the Arch User Repository, any PKGBUILD scripts uploaded without SHA-512 hashes should be rejected from this point onward.
This task depends upon

Closed by  Allan McRae (Allan)
Friday, 07 March 2014, 04:31 GMT
Reason for closing:  Duplicate
Additional comments about closing:   FS#38543