Hi, This issue is only present in Debian stable/Lenny. Version 1.4.10 of GnuPG prefers SHA-256 over SHA-1. My question to the security team: Should this be backported to Lenny? I don't have a patch for this atm - we need to search the upstream VCS.
Regards, Daniel -- http://bugs.debian.org/559458
signature.asc
Description: This is a digitally signed message part
