* [PATCH][meta-oe] libp11: update to 0.4.10
@ 2019-05-28 16:52 Oleksandr Kravchuk
2019-05-28 18:09 ` Adrian Bunk
0 siblings, 1 reply; 3+ messages in thread
From: Oleksandr Kravchuk @ 2019-05-28 16:52 UTC (permalink / raw)
To: openembedded-devel; +Cc: Oleksandr Kravchuk
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
---
.../libp11/{libp11_0.4.7.bb => libp11_0.4.10.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta-oe/recipes-support/libp11/{libp11_0.4.7.bb => libp11_0.4.10.bb} (92%)
diff --git a/meta-oe/recipes-support/libp11/libp11_0.4.7.bb b/meta-oe/recipes-support/libp11/libp11_0.4.10.bb
similarity index 92%
rename from meta-oe/recipes-support/libp11/libp11_0.4.7.bb
rename to meta-oe/recipes-support/libp11/libp11_0.4.10.bb
index 87d99c1a6..2911e37c7 100644
--- a/meta-oe/recipes-support/libp11/libp11_0.4.7.bb
+++ b/meta-oe/recipes-support/libp11/libp11_0.4.10.bb
@@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fad9b3332be894bab9bc501572864b29"
DEPENDS = "libtool openssl"
SRC_URI = "git://github.com/OpenSC/libp11.git"
-SRCREV = "64569a391897bd29c5060b19fa4613e619e59277"
+SRCREV = "libp11-0.4.10"
S = "${WORKDIR}/git"
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH][meta-oe] libp11: update to 0.4.10
2019-05-28 16:52 [PATCH][meta-oe] libp11: update to 0.4.10 Oleksandr Kravchuk
@ 2019-05-28 18:09 ` Adrian Bunk
2019-05-28 19:08 ` Martin Jansa
0 siblings, 1 reply; 3+ messages in thread
From: Adrian Bunk @ 2019-05-28 18:09 UTC (permalink / raw)
To: Oleksandr Kravchuk; +Cc: openembedded-devel
On Tue, May 28, 2019 at 06:52:00PM +0200, Oleksandr Kravchuk wrote:
> Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
> ---
> .../libp11/{libp11_0.4.7.bb => libp11_0.4.10.bb} | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
> rename meta-oe/recipes-support/libp11/{libp11_0.4.7.bb => libp11_0.4.10.bb} (92%)
>
> diff --git a/meta-oe/recipes-support/libp11/libp11_0.4.7.bb b/meta-oe/recipes-support/libp11/libp11_0.4.10.bb
> similarity index 92%
> rename from meta-oe/recipes-support/libp11/libp11_0.4.7.bb
> rename to meta-oe/recipes-support/libp11/libp11_0.4.10.bb
> index 87d99c1a6..2911e37c7 100644
> --- a/meta-oe/recipes-support/libp11/libp11_0.4.7.bb
> +++ b/meta-oe/recipes-support/libp11/libp11_0.4.10.bb
> @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fad9b3332be894bab9bc501572864b29"
> DEPENDS = "libtool openssl"
>
> SRC_URI = "git://github.com/OpenSC/libp11.git"
> -SRCREV = "64569a391897bd29c5060b19fa4613e619e59277"
> +SRCREV = "libp11-0.4.10"
>...
This is not a good idea - upstream might move the label,
and a man-in-the-middle attack on someone building this
recipe might also be possible.
Please use a commit hash instead.
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH][meta-oe] libp11: update to 0.4.10
2019-05-28 18:09 ` Adrian Bunk
@ 2019-05-28 19:08 ` Martin Jansa
0 siblings, 0 replies; 3+ messages in thread
From: Martin Jansa @ 2019-05-28 19:08 UTC (permalink / raw)
To: Adrian Bunk; +Cc: openembedded-devel, Oleksandr Kravchuk
[-- Attachment #1: Type: text/plain, Size: 1675 bytes --]
On Tue, May 28, 2019 at 09:09:45PM +0300, Adrian Bunk wrote:
> On Tue, May 28, 2019 at 06:52:00PM +0200, Oleksandr Kravchuk wrote:
> > Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
> > ---
> > .../libp11/{libp11_0.4.7.bb => libp11_0.4.10.bb} | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> > rename meta-oe/recipes-support/libp11/{libp11_0.4.7.bb => libp11_0.4.10.bb} (92%)
> >
> > diff --git a/meta-oe/recipes-support/libp11/libp11_0.4.7.bb b/meta-oe/recipes-support/libp11/libp11_0.4.10.bb
> > similarity index 92%
> > rename from meta-oe/recipes-support/libp11/libp11_0.4.7.bb
> > rename to meta-oe/recipes-support/libp11/libp11_0.4.10.bb
> > index 87d99c1a6..2911e37c7 100644
> > --- a/meta-oe/recipes-support/libp11/libp11_0.4.7.bb
> > +++ b/meta-oe/recipes-support/libp11/libp11_0.4.10.bb
> > @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fad9b3332be894bab9bc501572864b29"
> > DEPENDS = "libtool openssl"
> >
> > SRC_URI = "git://github.com/OpenSC/libp11.git"
> > -SRCREV = "64569a391897bd29c5060b19fa4613e619e59277"
> > +SRCREV = "libp11-0.4.10"
> >...
>
> This is not a good idea - upstream might move the label,
> and a man-in-the-middle attack on someone building this
> recipe might also be possible.
Not only that, but bitbake fetcher will convert the tag name to the hash
every single time the recipe is being parsed which is not only annoying,
but also breaks parsing for people who don't even use this recipe when
they loose network connection during build (or build intentionally
without one).
--
Martin 'JaMa' Jansa jabber: Martin.Jansa@gmail.com
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 201 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-05-28 19:08 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-05-28 16:52 [PATCH][meta-oe] libp11: update to 0.4.10 Oleksandr Kravchuk
2019-05-28 18:09 ` Adrian Bunk
2019-05-28 19:08 ` Martin Jansa
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.