[oe] [PATCH] wrong checksum for libsdl-mixer-1.2.9
Frans Meulenbroeks
fransmeulenbroeks at gmail.com
Sat Nov 21 18:07:45 UTC 2009
2009/11/21 Bernhard Kaindl <bernhard.kaindl at gmx.net>:
> Hi,
> indeed, the SDL_mixer-1.2.9.tar.gz has changed on
> http://www.libsdl.org/projects/SDL_net/release,
> so conf/checksums.ini is outdated, as it stands, and has to be updated:
>
> Signed-off-by: Bernhard Kaindl <bernhard.kaindl at gmx.net>
>
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/conf/checksums.ini b/conf/checksums.ini
> index 784a092..e1aac1f 100644
> --- a/conf/checksums.ini
> +++ b/conf/checksums.ini
> @@ -1099,8 +1099,8 @@ md5=0b5b91015d0f3bd9597e094ba67c4d65
> sha256=a8222a274778ff16d0e3ee49a30db27a48a4d357169a915fc599a764e405e0b6
>
> [http://www.libsdl.org/projects/SDL_mixer/release/SDL_mixer-1.2.9.tar.gz]
> -md5=a9eb8750e920829ff41dbe7555850156
> -sha256=557910a4a3aeed6d10238e26b5a39b19247115a1b352580082bb15dc02ae4b8d
> +md5=09eb4585f46d3527fe7fce8af8f9e591
> +sha256=7216a89d92327d2f0fe03e78f3c758a52be68c29daf8e971c226f4a3191e9ec0
>
> [http://www.libsdl.org/projects/SDL_net/release/SDL_net-1.2.5.tar.gz]
> md5=e45b1048d2747480dcc65ece4130a920
>
> Philip Balister schrieb:
>>
>> On 11/21/2009 01:15 AM, Robert P. J. Day wrote:
>>>
>>> On Sat, 21 Nov 2009, GNUtoo wrote:
>>>>
>>>> `/home/embedded/sources/SDL_mixer-1.2.9.tar.gz' saved [2690766/2690766]
>>>>
>>>> NOTE: The MD5Sums did not match. Wanted:
>>>> 'a9eb8750e920829ff41dbe7555850156' and Got:
>>>> '09eb4585f46d3527fe7fce8af8f9e591'
>>>
>>> that second checksum is, in fact, the correct one for that tarball.
>>> and the sha256sum in conf/checksums.ini also doesn't match the one for
>>> that tarball. if that used to be correct, does that mean someone has
>>> replaced a tarball with a different but identically-named one?
Before committing this patch I would suggest comparing the new and the
old version to find out what is actually causing this and what has
been changed.
If we just blindly change checksums we might as well abandon them.
Also note that a change of the checksum means that everyone who has
the file in his/her download dir will get a checksum error.
For now a nack from me.
As this already happened before recently (perl twig) I suggest we
adapt a policy for this or maybe some automated removal (e.g. if you
have a file in your downloads dir with a checksum in blacklist.ini
that version is not used but removed or parked aside or something like
that).
Frans
More information about the Openembedded-devel
mailing list