[ITP] clamav-0.75.1-1 - A GPL virus scanner

[Brian Dessent]

Lapo Luchini wrote:

> Not so much OT: shouldn't we begin to use SHA256 as a file signature
> instead of MD5, gived that collisions are starting to be found? ;-)
> <http://www.schneier.com/crypto-gram-0409.html#3>

I know you were joking, but there's no need to switch away from MD5.  It
was not "broken" in any meaningful way for the purposes of integrity
verification, i.e. it is still secure to preimage attacks.

And it's trivial to prove that any hash has an infinite number of
collisions.

Brian