* [Buildroot] [PATCH 1/1] package/chicken: Update to 5.4.0
@ 2024-08-19 12:26 Woodrow Douglass via buildroot
2024-08-19 20:29 ` Thomas Petazzoni via buildroot
0 siblings, 1 reply; 11+ messages in thread
From: Woodrow Douglass via buildroot @ 2024-08-19 12:26 UTC (permalink / raw)
To: buildroot; +Cc: Woodrow Douglass
This release includes a fix for CVE-2022-45145
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
---
package/chicken/chicken.hash | 2 +-
package/chicken/chicken.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash
index 5a553da792..b5df49814b 100644
--- a/package/chicken/chicken.hash
+++ b/package/chicken/chicken.hash
@@ -1,4 +1,4 @@
# From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256
-sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz
+sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.3.0.tar.gz
# Locally computed
sha256 b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 LICENSE
diff --git a/package/chicken/chicken.mk b/package/chicken/chicken.mk
index 0000fc635e..ca5f756995 100644
--- a/package/chicken/chicken.mk
+++ b/package/chicken/chicken.mk
@@ -4,7 +4,7 @@
#
################################################################################
-CHICKEN_VERSION = 5.3.0
+CHICKEN_VERSION = 5.4.0
CHICKEN_SITE = https://code.call-cc.org/releases/$(CHICKEN_VERSION)
CHICKEN_LICENSE = BSD-3-Clause
CHICKEN_LICENSE_FILES = LICENSE
--
2.39.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/chicken: Update to 5.4.0
2024-08-19 12:26 [Buildroot] [PATCH 1/1] package/chicken: Update to 5.4.0 Woodrow Douglass via buildroot
@ 2024-08-19 20:29 ` Thomas Petazzoni via buildroot
2024-08-20 11:32 ` Woody Douglass via buildroot
0 siblings, 1 reply; 11+ messages in thread
From: Thomas Petazzoni via buildroot @ 2024-08-19 20:29 UTC (permalink / raw)
To: Woodrow Douglass via buildroot; +Cc: Woodrow Douglass
Hello Woodrow,
On Mon, 19 Aug 2024 08:26:31 -0400
Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote:
> This release includes a fix for CVE-2022-45145
Then, could you update the commit title to:
package/chicken: security bump to 5.4.0
>
> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
> ---
> package/chicken/chicken.hash | 2 +-
> package/chicken/chicken.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash
> index 5a553da792..b5df49814b 100644
> --- a/package/chicken/chicken.hash
> +++ b/package/chicken/chicken.hash
> @@ -1,4 +1,4 @@
> # From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256
> -sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz
> +sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.3.0.tar.gz
Are you sure you tested the build? The tarball here is still named
chicken-5.4.0.tar.gz. Also pay attention to the comment in the .hash
file, which contains an URL with the version.
Thanks!
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/chicken: Update to 5.4.0
2024-08-19 20:29 ` Thomas Petazzoni via buildroot
@ 2024-08-20 11:32 ` Woody Douglass via buildroot
2024-08-20 11:40 ` [Buildroot] [PATCH] package/chicken: security bump " Woodrow Douglass via buildroot
0 siblings, 1 reply; 11+ messages in thread
From: Woody Douglass via buildroot @ 2024-08-20 11:32 UTC (permalink / raw)
To: Thomas Petazzoni, Woodrow Douglass via buildroot
On 8/19/24 16:29, Thomas Petazzoni wrote:
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender.
>
>
> Hello Woodrow,
>
> On Mon, 19 Aug 2024 08:26:31 -0400
> Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote:
>
>> This release includes a fix for CVE-2022-45145
> Then, could you update the commit title to:
>
> package/chicken: security bump to 5.4.0
>
>> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
>> ---
>> package/chicken/chicken.hash | 2 +-
>> package/chicken/chicken.mk | 2 +-
>> 2 files changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash
>> index 5a553da792..b5df49814b 100644
>> --- a/package/chicken/chicken.hash
>> +++ b/package/chicken/chicken.hash
>> @@ -1,4 +1,4 @@
>> # From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256
>> -sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz
>> +sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.3.0.tar.gz
> Are you sure you tested the build? The tarball here is still named
> chicken-5.4.0.tar.gz. Also pay attention to the comment in the .hash
> file, which contains an URL with the version.
I'm sorry! I ran a test build, but must have absentmindedly tested at
the wrong point in my patch-rebase-send cycle. I'll send a new patch soon!
> Thanks!
>
> Thomas
> --
> Thomas Petazzoni, co-owner and CEO, Bootlin
> Embedded Linux and Kernel engineering and training
> https://bootlin.com
Sorry again,
Woodrow Douglass
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Buildroot] [PATCH] package/chicken: security bump to 5.4.0
2024-08-20 11:32 ` Woody Douglass via buildroot
@ 2024-08-20 11:40 ` Woodrow Douglass via buildroot
2024-08-20 21:27 ` Thomas Petazzoni via buildroot
0 siblings, 1 reply; 11+ messages in thread
From: Woodrow Douglass via buildroot @ 2024-08-20 11:40 UTC (permalink / raw)
To: buildroot; +Cc: Woodrow Douglass
This release includes a fix for CVE-2022-45145
---
package/chicken/chicken.hash | 4 ++--
package/chicken/chicken.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash
index 5a553da792..0a3b0b15ce 100644
--- a/package/chicken/chicken.hash
+++ b/package/chicken/chicken.hash
@@ -1,4 +1,4 @@
-# From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256
-sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz
+# From https://code.call-cc.org/releases/5.4.0/chicken-5.4.0.tar.gz.sha256
+sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.4.0.tar.gz
# Locally computed
sha256 b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 LICENSE
diff --git a/package/chicken/chicken.mk b/package/chicken/chicken.mk
index 0000fc635e..ca5f756995 100644
--- a/package/chicken/chicken.mk
+++ b/package/chicken/chicken.mk
@@ -4,7 +4,7 @@
#
################################################################################
-CHICKEN_VERSION = 5.3.0
+CHICKEN_VERSION = 5.4.0
CHICKEN_SITE = https://code.call-cc.org/releases/$(CHICKEN_VERSION)
CHICKEN_LICENSE = BSD-3-Clause
CHICKEN_LICENSE_FILES = LICENSE
--
2.39.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH] package/chicken: security bump to 5.4.0
2024-08-20 11:40 ` [Buildroot] [PATCH] package/chicken: security bump " Woodrow Douglass via buildroot
@ 2024-08-20 21:27 ` Thomas Petazzoni via buildroot
2024-08-21 12:40 ` Woody Douglass via buildroot
2024-08-21 12:44 ` [Buildroot] [PATCH v3] " Woodrow Douglass via buildroot
0 siblings, 2 replies; 11+ messages in thread
From: Thomas Petazzoni via buildroot @ 2024-08-20 21:27 UTC (permalink / raw)
To: Woodrow Douglass via buildroot; +Cc: Woodrow Douglass
On Tue, 20 Aug 2024 07:40:14 -0400
Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote:
> This release includes a fix for CVE-2022-45145
> ---
> package/chicken/chicken.hash | 4 ++--
> package/chicken/chicken.mk | 2 +-
> 2 files changed, 3 insertions(+), 3 deletions(-)
Thanks for your new iteration... but this time around it lacks your
Signed-off-by line :-)
Also, when you send a new iteration, please label it [PATCH v2] and
include a small changelog.
See https://buildroot.org/downloads/manual/manual.html#submitting-patches
for more details.
Sorry if I'm a bit pedantic, but I believe this helps everyone learn
what the best practices for patch submission are. If you find I'm too
pedantic, let me know, and I'll try to be more flexible :-)
Thanks again!
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH] package/chicken: security bump to 5.4.0
2024-08-20 21:27 ` Thomas Petazzoni via buildroot
@ 2024-08-21 12:40 ` Woody Douglass via buildroot
2024-08-21 12:44 ` [Buildroot] [PATCH v3] " Woodrow Douglass via buildroot
1 sibling, 0 replies; 11+ messages in thread
From: Woody Douglass via buildroot @ 2024-08-21 12:40 UTC (permalink / raw)
To: Thomas Petazzoni, Woodrow Douglass via buildroot
On 8/20/24 17:27, Thomas Petazzoni via buildroot wrote:
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender.
>
>
> On Tue, 20 Aug 2024 07:40:14 -0400
> Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote:
>
>> This release includes a fix for CVE-2022-45145
>> ---
>> package/chicken/chicken.hash | 4 ++--
>> package/chicken/chicken.mk | 2 +-
>> 2 files changed, 3 insertions(+), 3 deletions(-)
> Thanks for your new iteration... but this time around it lacks your
> Signed-off-by line :-)
>
> Also, when you send a new iteration, please label it [PATCH v2] and
> include a small changelog.
> See https://buildroot.org/downloads/manual/manual.html#submitting-patches
> for more details.
>
> Sorry if I'm a bit pedantic, but I believe this helps everyone learn
> what the best practices for patch submission are. If you find I'm too
> pedantic, let me know, and I'll try to be more flexible :-)
>
> Thanks again!
>
> Thomas
> --
> Thomas Petazzoni, co-owner and CEO, Bootlin
> Embedded Linux and Kernel engineering and training
> https://bootlin.com
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
No problem, I'll submit a new patch in a bit. Also, don't worry about
being pedantic, I appreciate all the work you do maintaining buildroot!
Buildroot's mailing-list/git-send-email/patchwork workflow is different
then other projects I've contributed to, so sometimes I mess up the
rules, and I'm sorry for that. Thank you very much for your patience.
Woody
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Buildroot] [PATCH v3] package/chicken: security bump to 5.4.0
2024-08-20 21:27 ` Thomas Petazzoni via buildroot
2024-08-21 12:40 ` Woody Douglass via buildroot
@ 2024-08-21 12:44 ` Woodrow Douglass via buildroot
2024-08-24 7:07 ` Thomas Petazzoni via buildroot
1 sibling, 1 reply; 11+ messages in thread
From: Woodrow Douglass via buildroot @ 2024-08-21 12:44 UTC (permalink / raw)
To: buildroot; +Cc: Woodrow Douglass
This release includes a fix for CVE-2022-45145
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
--
Changes v2 -> v3:
- Add this changelog to commit message
- Add Signed-off-by to commit message
Changes v1 -> v2:
- Update version numbers in hash file
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
---
package/chicken/chicken.hash | 4 ++--
package/chicken/chicken.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash
index 5a553da792..0a3b0b15ce 100644
--- a/package/chicken/chicken.hash
+++ b/package/chicken/chicken.hash
@@ -1,4 +1,4 @@
-# From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256
-sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz
+# From https://code.call-cc.org/releases/5.4.0/chicken-5.4.0.tar.gz.sha256
+sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.4.0.tar.gz
# Locally computed
sha256 b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 LICENSE
diff --git a/package/chicken/chicken.mk b/package/chicken/chicken.mk
index 0000fc635e..ca5f756995 100644
--- a/package/chicken/chicken.mk
+++ b/package/chicken/chicken.mk
@@ -4,7 +4,7 @@
#
################################################################################
-CHICKEN_VERSION = 5.3.0
+CHICKEN_VERSION = 5.4.0
CHICKEN_SITE = https://code.call-cc.org/releases/$(CHICKEN_VERSION)
CHICKEN_LICENSE = BSD-3-Clause
CHICKEN_LICENSE_FILES = LICENSE
--
2.39.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH v3] package/chicken: security bump to 5.4.0
2024-08-21 12:44 ` [Buildroot] [PATCH v3] " Woodrow Douglass via buildroot
@ 2024-08-24 7:07 ` Thomas Petazzoni via buildroot
2024-08-26 13:07 ` Woody Douglass via buildroot
2024-08-26 13:10 ` [Buildroot] [PATCH v4] " Woodrow Douglass via buildroot
0 siblings, 2 replies; 11+ messages in thread
From: Thomas Petazzoni via buildroot @ 2024-08-24 7:07 UTC (permalink / raw)
To: Woodrow Douglass via buildroot; +Cc: Woodrow Douglass
On Wed, 21 Aug 2024 08:44:14 -0400
Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote:
> This release includes a fix for CVE-2022-45145
>
> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
>
> --
> Changes v2 -> v3:
> - Add this changelog to commit message
> - Add Signed-off-by to commit message
>
> Changes v1 -> v2:
> - Update version numbers in hash file
>
> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
> ---
> package/chicken/chicken.hash | 4 ++--
> package/chicken/chicken.mk | 2 +-
> 2 files changed, 3 insertions(+), 3 deletions(-)
Sorry to be annoying, but this patch breaks the legal information for
this package:
>>> chicken 5.4.0 Patching
>>> chicken 5.4.0 Collecting legal info
ERROR: while checking hashes from package/chicken/chicken.hash
ERROR: LICENSE has wrong sha256 hash:
ERROR: expected: b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37
ERROR: got : c0ed699d5c4a8687f90a6488244f7f57d48a7f2d42bb7461b08a0d69a07d4f58
ERROR: Incomplete download, or man-in-the-middle (MITM) attack
make: *** [package/chicken/chicken.mk:46: chicken-legal-info] Error 1
So the hash of the license file needs to be updated *and* an
explanation about the changes in the license files must be added in the
commit log.
Also, please note that updating from 5.3.0 to 5.4.0 is OK as the
package is new in 2024.08, but as it fixes a security issue, we need to
have this fix in master, and therefore a more minimal update to 5.3.1
would have been preferable for master (and the update to 5.4.0 in our
next branch). But again, as this package is new, I think it is OK to
upgrade to 5.4.0 even in our master branch.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH v3] package/chicken: security bump to 5.4.0
2024-08-24 7:07 ` Thomas Petazzoni via buildroot
@ 2024-08-26 13:07 ` Woody Douglass via buildroot
2024-08-26 13:10 ` [Buildroot] [PATCH v4] " Woodrow Douglass via buildroot
1 sibling, 0 replies; 11+ messages in thread
From: Woody Douglass via buildroot @ 2024-08-26 13:07 UTC (permalink / raw)
To: Thomas Petazzoni, Woodrow Douglass via buildroot
On 8/24/24 03:07, Thomas Petazzoni wrote:
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender.
>
>
> On Wed, 21 Aug 2024 08:44:14 -0400
> Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote:
>
>> This release includes a fix for CVE-2022-45145
>>
>> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
>>
>> --
>> Changes v2 -> v3:
>> - Add this changelog to commit message
>> - Add Signed-off-by to commit message
>>
>> Changes v1 -> v2:
>> - Update version numbers in hash file
>>
>> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
>> ---
>> package/chicken/chicken.hash | 4 ++--
>> package/chicken/chicken.mk | 2 +-
>> 2 files changed, 3 insertions(+), 3 deletions(-)
> Sorry to be annoying, but this patch breaks the legal information for
Not annoying at all, it's my lack of diligence, I'm sorry. I'll add
`make chicken-legal-info` to my list of things i do to test.
> this package:
>
>>>> chicken 5.4.0 Patching
>>>> chicken 5.4.0 Collecting legal info
> ERROR: while checking hashes from package/chicken/chicken.hash
> ERROR: LICENSE has wrong sha256 hash:
> ERROR: expected: b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37
> ERROR: got : c0ed699d5c4a8687f90a6488244f7f57d48a7f2d42bb7461b08a0d69a07d4f58
> ERROR: Incomplete download, or man-in-the-middle (MITM) attack
> make: *** [package/chicken/chicken.mk:46: chicken-legal-info] Error 1
>
> So the hash of the license file needs to be updated *and* an
> explanation about the changes in the license files must be added in the
> commit log.
>
> Also, please note that updating from 5.3.0 to 5.4.0 is OK as the
> package is new in 2024.08, but as it fixes a security issue, we need to
> have this fix in master, and therefore a more minimal update to 5.3.1
> would have been preferable for master (and the update to 5.4.0 in our
> next branch). But again, as this package is new, I think it is OK to
> upgrade to 5.4.0 even in our master branch.
>
> Thomas
> --
> Thomas Petazzoni, CTO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com
I'll send a revision of the patch soon
Thanks,
Woodrow Douglass
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Buildroot] [PATCH v4] package/chicken: security bump to 5.4.0
2024-08-24 7:07 ` Thomas Petazzoni via buildroot
2024-08-26 13:07 ` Woody Douglass via buildroot
@ 2024-08-26 13:10 ` Woodrow Douglass via buildroot
2024-08-26 16:33 ` Thomas Petazzoni via buildroot
1 sibling, 1 reply; 11+ messages in thread
From: Woodrow Douglass via buildroot @ 2024-08-26 13:10 UTC (permalink / raw)
To: buildroot; +Cc: Woodrow Douglass
This release includes a fix for CVE-2022-45145. Also, a copyright date
in the LICENSE file changed, so the hash for it has changed too.
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
--
Changes v3 -> v4:
- Fix incorrect license hash
Changes v2 -> v3:
- Add this changelog to commit message
- Add Signed-off-by to commit message
Changes v1 -> v2:
- Update version numbers in hash file
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
---
package/chicken/chicken.hash | 6 +++---
package/chicken/chicken.mk | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash
index 5a553da792..bf2ea6902d 100644
--- a/package/chicken/chicken.hash
+++ b/package/chicken/chicken.hash
@@ -1,4 +1,4 @@
-# From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256
-sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz
+# From https://code.call-cc.org/releases/5.4.0/chicken-5.4.0.tar.gz.sha256
+sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.4.0.tar.gz
# Locally computed
-sha256 b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 LICENSE
+sha256 c0ed699d5c4a8687f90a6488244f7f57d48a7f2d42bb7461b08a0d69a07d4f58 LICENSE
\ No newline at end of file
diff --git a/package/chicken/chicken.mk b/package/chicken/chicken.mk
index 0000fc635e..ca5f756995 100644
--- a/package/chicken/chicken.mk
+++ b/package/chicken/chicken.mk
@@ -4,7 +4,7 @@
#
################################################################################
-CHICKEN_VERSION = 5.3.0
+CHICKEN_VERSION = 5.4.0
CHICKEN_SITE = https://code.call-cc.org/releases/$(CHICKEN_VERSION)
CHICKEN_LICENSE = BSD-3-Clause
CHICKEN_LICENSE_FILES = LICENSE
--
2.39.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH v4] package/chicken: security bump to 5.4.0
2024-08-26 13:10 ` [Buildroot] [PATCH v4] " Woodrow Douglass via buildroot
@ 2024-08-26 16:33 ` Thomas Petazzoni via buildroot
0 siblings, 0 replies; 11+ messages in thread
From: Thomas Petazzoni via buildroot @ 2024-08-26 16:33 UTC (permalink / raw)
To: Woodrow Douglass via buildroot; +Cc: Woodrow Douglass
On Mon, 26 Aug 2024 09:10:25 -0400
Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote:
> This release includes a fix for CVE-2022-45145. Also, a copyright date
> in the LICENSE file changed, so the hash for it has changed too.
>
> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
>
> --
> Changes v3 -> v4:
> - Fix incorrect license hash
>
> Changes v2 -> v3:
> - Add this changelog to commit message
> - Add Signed-off-by to commit message
>
> Changes v1 -> v2:
> - Update version numbers in hash file
>
> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
> ---
> package/chicken/chicken.hash | 6 +++---
> package/chicken/chicken.mk | 2 +-
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash
> index 5a553da792..bf2ea6902d 100644
> --- a/package/chicken/chicken.hash
> +++ b/package/chicken/chicken.hash
> @@ -1,4 +1,4 @@
> -# From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256
> -sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz
> +# From https://code.call-cc.org/releases/5.4.0/chicken-5.4.0.tar.gz.sha256
> +sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.4.0.tar.gz
> # Locally computed
> -sha256 b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 LICENSE
> +sha256 c0ed699d5c4a8687f90a6488244f7f57d48a7f2d42bb7461b08a0d69a07d4f58 LICENSE
> \ No newline at end of file
^^^ There was a minor issue here with the missing new line. This is
spotted by "make check-package":
WARNING: package/chicken/chicken.hash:4: missing newline at end of file
I fixed that up, and applied to master. Thanks a lot!
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2024-08-26 16:34 UTC | newest]
Thread overview: 11+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-08-19 12:26 [Buildroot] [PATCH 1/1] package/chicken: Update to 5.4.0 Woodrow Douglass via buildroot
2024-08-19 20:29 ` Thomas Petazzoni via buildroot
2024-08-20 11:32 ` Woody Douglass via buildroot
2024-08-20 11:40 ` [Buildroot] [PATCH] package/chicken: security bump " Woodrow Douglass via buildroot
2024-08-20 21:27 ` Thomas Petazzoni via buildroot
2024-08-21 12:40 ` Woody Douglass via buildroot
2024-08-21 12:44 ` [Buildroot] [PATCH v3] " Woodrow Douglass via buildroot
2024-08-24 7:07 ` Thomas Petazzoni via buildroot
2024-08-26 13:07 ` Woody Douglass via buildroot
2024-08-26 13:10 ` [Buildroot] [PATCH v4] " Woodrow Douglass via buildroot
2024-08-26 16:33 ` Thomas Petazzoni via buildroot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox