Bugzilla – Bug 1190921
update tmate to 2.4
Last modified: 2021-10-04 10:20:28 UTC
We run our own internal tmate server and I was thinking that upgrading tmate in Leap to 2.4 might be worth it.
* MD5 has known collisions and it would be good to replace it with secure SHA256
* having 2.4 everywhere reduces friction for users:
providing users with different fingerprint configs for 2.2.x and 2.4 is harder
* the way MD5 is used in tmate, might not be affected by collisions
* all users of custom tmate servers will need to update their configs
- how do we notify them?
Alternatively, could we add a tmate24 package to Leap Update repos?