[oe] [OE-core] BlueZ old releases have new checksums
Denys Dmytriyenko
denis at denix.org
Wed Jan 4 22:17:06 UTC 2012
On Wed, Jan 04, 2012 at 09:41:43PM +0100, Adriano Pallavicino wrote:
> Temporaly i've manually changed md5 and sha256sum. If needed i can prepare a
> patch
That wouldn't work reliably, as some people have an old copy saved locally,
while others can still download the same old copy from one of the mirrors...
--
Denys
> Il giorno 04/gen/2012, alle ore 21:14, Chris Larson <clarson at kergoth.com> ha scritto:
>
> > On Wed, Jan 4, 2012 at 11:14 AM, Denys Dmytriyenko <denis at denix.org> wrote:
> >> The main archive of BlueZ/obexd/hcidump releases on kernel.org[1] finally
> >> re-appeared after missing for long time since kernel.org compromise.
> >> Unfortunately, all previous tarballs have new checksums, breaking builds for
> >> anyone w/o previous copy cached. Old copies were also extensively mirrored,
> >> so you never know which one you fetch next time...
> >
> > Heh, checksums changing after a security compromise, that's worrisome
> > :) should diff their contents to see what's going on, or whether its
> > just a gzip timestamp change or something.
> > --
> > Christopher Larson
> >
> > _______________________________________________
> > Openembedded-devel mailing list
> > Openembedded-devel at lists.openembedded.org
> > http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-devel
>
> _______________________________________________
> Openembedded-devel mailing list
> Openembedded-devel at lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-devel
More information about the Openembedded-devel
mailing list