* [Buildroot] [PATCH 1/1] package/chicken: Update to 5.4.0 @ 2024-08-19 12:26 Woodrow Douglass via buildroot 2024-08-19 20:29 ` Thomas Petazzoni via buildroot 0 siblings, 1 reply; 11+ messages in thread From: Woodrow Douglass via buildroot @ 2024-08-19 12:26 UTC (permalink / raw) To: buildroot; +Cc: Woodrow Douglass This release includes a fix for CVE-2022-45145 Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> --- package/chicken/chicken.hash | 2 +- package/chicken/chicken.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash index 5a553da792..b5df49814b 100644 --- a/package/chicken/chicken.hash +++ b/package/chicken/chicken.hash @@ -1,4 +1,4 @@ # From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256 -sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz +sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.3.0.tar.gz # Locally computed sha256 b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 LICENSE diff --git a/package/chicken/chicken.mk b/package/chicken/chicken.mk index 0000fc635e..ca5f756995 100644 --- a/package/chicken/chicken.mk +++ b/package/chicken/chicken.mk @@ -4,7 +4,7 @@ # ################################################################################ -CHICKEN_VERSION = 5.3.0 +CHICKEN_VERSION = 5.4.0 CHICKEN_SITE = https://code.call-cc.org/releases/$(CHICKEN_VERSION) CHICKEN_LICENSE = BSD-3-Clause CHICKEN_LICENSE_FILES = LICENSE -- 2.39.2 _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/chicken: Update to 5.4.0 2024-08-19 12:26 [Buildroot] [PATCH 1/1] package/chicken: Update to 5.4.0 Woodrow Douglass via buildroot @ 2024-08-19 20:29 ` Thomas Petazzoni via buildroot 2024-08-20 11:32 ` Woody Douglass via buildroot 0 siblings, 1 reply; 11+ messages in thread From: Thomas Petazzoni via buildroot @ 2024-08-19 20:29 UTC (permalink / raw) To: Woodrow Douglass via buildroot; +Cc: Woodrow Douglass Hello Woodrow, On Mon, 19 Aug 2024 08:26:31 -0400 Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote: > This release includes a fix for CVE-2022-45145 Then, could you update the commit title to: package/chicken: security bump to 5.4.0 > > Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> > --- > package/chicken/chicken.hash | 2 +- > package/chicken/chicken.mk | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > > diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash > index 5a553da792..b5df49814b 100644 > --- a/package/chicken/chicken.hash > +++ b/package/chicken/chicken.hash > @@ -1,4 +1,4 @@ > # From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256 > -sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz > +sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.3.0.tar.gz Are you sure you tested the build? The tarball here is still named chicken-5.4.0.tar.gz. Also pay attention to the comment in the .hash file, which contains an URL with the version. Thanks! Thomas -- Thomas Petazzoni, co-owner and CEO, Bootlin Embedded Linux and Kernel engineering and training https://bootlin.com _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/chicken: Update to 5.4.0 2024-08-19 20:29 ` Thomas Petazzoni via buildroot @ 2024-08-20 11:32 ` Woody Douglass via buildroot 2024-08-20 11:40 ` [Buildroot] [PATCH] package/chicken: security bump " Woodrow Douglass via buildroot 0 siblings, 1 reply; 11+ messages in thread From: Woody Douglass via buildroot @ 2024-08-20 11:32 UTC (permalink / raw) To: Thomas Petazzoni, Woodrow Douglass via buildroot On 8/19/24 16:29, Thomas Petazzoni wrote: > CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender. > > > Hello Woodrow, > > On Mon, 19 Aug 2024 08:26:31 -0400 > Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote: > >> This release includes a fix for CVE-2022-45145 > Then, could you update the commit title to: > > package/chicken: security bump to 5.4.0 > >> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> >> --- >> package/chicken/chicken.hash | 2 +- >> package/chicken/chicken.mk | 2 +- >> 2 files changed, 2 insertions(+), 2 deletions(-) >> >> diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash >> index 5a553da792..b5df49814b 100644 >> --- a/package/chicken/chicken.hash >> +++ b/package/chicken/chicken.hash >> @@ -1,4 +1,4 @@ >> # From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256 >> -sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz >> +sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.3.0.tar.gz > Are you sure you tested the build? The tarball here is still named > chicken-5.4.0.tar.gz. Also pay attention to the comment in the .hash > file, which contains an URL with the version. I'm sorry! I ran a test build, but must have absentmindedly tested at the wrong point in my patch-rebase-send cycle. I'll send a new patch soon! > Thanks! > > Thomas > -- > Thomas Petazzoni, co-owner and CEO, Bootlin > Embedded Linux and Kernel engineering and training > https://bootlin.com Sorry again, Woodrow Douglass _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 11+ messages in thread
* [Buildroot] [PATCH] package/chicken: security bump to 5.4.0 2024-08-20 11:32 ` Woody Douglass via buildroot @ 2024-08-20 11:40 ` Woodrow Douglass via buildroot 2024-08-20 21:27 ` Thomas Petazzoni via buildroot 0 siblings, 1 reply; 11+ messages in thread From: Woodrow Douglass via buildroot @ 2024-08-20 11:40 UTC (permalink / raw) To: buildroot; +Cc: Woodrow Douglass This release includes a fix for CVE-2022-45145 --- package/chicken/chicken.hash | 4 ++-- package/chicken/chicken.mk | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash index 5a553da792..0a3b0b15ce 100644 --- a/package/chicken/chicken.hash +++ b/package/chicken/chicken.hash @@ -1,4 +1,4 @@ -# From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256 -sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz +# From https://code.call-cc.org/releases/5.4.0/chicken-5.4.0.tar.gz.sha256 +sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.4.0.tar.gz # Locally computed sha256 b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 LICENSE diff --git a/package/chicken/chicken.mk b/package/chicken/chicken.mk index 0000fc635e..ca5f756995 100644 --- a/package/chicken/chicken.mk +++ b/package/chicken/chicken.mk @@ -4,7 +4,7 @@ # ################################################################################ -CHICKEN_VERSION = 5.3.0 +CHICKEN_VERSION = 5.4.0 CHICKEN_SITE = https://code.call-cc.org/releases/$(CHICKEN_VERSION) CHICKEN_LICENSE = BSD-3-Clause CHICKEN_LICENSE_FILES = LICENSE -- 2.39.2 _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH] package/chicken: security bump to 5.4.0 2024-08-20 11:40 ` [Buildroot] [PATCH] package/chicken: security bump " Woodrow Douglass via buildroot @ 2024-08-20 21:27 ` Thomas Petazzoni via buildroot 2024-08-21 12:40 ` Woody Douglass via buildroot 2024-08-21 12:44 ` [Buildroot] [PATCH v3] " Woodrow Douglass via buildroot 0 siblings, 2 replies; 11+ messages in thread From: Thomas Petazzoni via buildroot @ 2024-08-20 21:27 UTC (permalink / raw) To: Woodrow Douglass via buildroot; +Cc: Woodrow Douglass On Tue, 20 Aug 2024 07:40:14 -0400 Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote: > This release includes a fix for CVE-2022-45145 > --- > package/chicken/chicken.hash | 4 ++-- > package/chicken/chicken.mk | 2 +- > 2 files changed, 3 insertions(+), 3 deletions(-) Thanks for your new iteration... but this time around it lacks your Signed-off-by line :-) Also, when you send a new iteration, please label it [PATCH v2] and include a small changelog. See https://buildroot.org/downloads/manual/manual.html#submitting-patches for more details. Sorry if I'm a bit pedantic, but I believe this helps everyone learn what the best practices for patch submission are. If you find I'm too pedantic, let me know, and I'll try to be more flexible :-) Thanks again! Thomas -- Thomas Petazzoni, co-owner and CEO, Bootlin Embedded Linux and Kernel engineering and training https://bootlin.com _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH] package/chicken: security bump to 5.4.0 2024-08-20 21:27 ` Thomas Petazzoni via buildroot @ 2024-08-21 12:40 ` Woody Douglass via buildroot 2024-08-21 12:44 ` [Buildroot] [PATCH v3] " Woodrow Douglass via buildroot 1 sibling, 0 replies; 11+ messages in thread From: Woody Douglass via buildroot @ 2024-08-21 12:40 UTC (permalink / raw) To: Thomas Petazzoni, Woodrow Douglass via buildroot On 8/20/24 17:27, Thomas Petazzoni via buildroot wrote: > CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender. > > > On Tue, 20 Aug 2024 07:40:14 -0400 > Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote: > >> This release includes a fix for CVE-2022-45145 >> --- >> package/chicken/chicken.hash | 4 ++-- >> package/chicken/chicken.mk | 2 +- >> 2 files changed, 3 insertions(+), 3 deletions(-) > Thanks for your new iteration... but this time around it lacks your > Signed-off-by line :-) > > Also, when you send a new iteration, please label it [PATCH v2] and > include a small changelog. > See https://buildroot.org/downloads/manual/manual.html#submitting-patches > for more details. > > Sorry if I'm a bit pedantic, but I believe this helps everyone learn > what the best practices for patch submission are. If you find I'm too > pedantic, let me know, and I'll try to be more flexible :-) > > Thanks again! > > Thomas > -- > Thomas Petazzoni, co-owner and CEO, Bootlin > Embedded Linux and Kernel engineering and training > https://bootlin.com > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot No problem, I'll submit a new patch in a bit. Also, don't worry about being pedantic, I appreciate all the work you do maintaining buildroot! Buildroot's mailing-list/git-send-email/patchwork workflow is different then other projects I've contributed to, so sometimes I mess up the rules, and I'm sorry for that. Thank you very much for your patience. Woody _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 11+ messages in thread
* [Buildroot] [PATCH v3] package/chicken: security bump to 5.4.0 2024-08-20 21:27 ` Thomas Petazzoni via buildroot 2024-08-21 12:40 ` Woody Douglass via buildroot @ 2024-08-21 12:44 ` Woodrow Douglass via buildroot 2024-08-24 7:07 ` Thomas Petazzoni via buildroot 1 sibling, 1 reply; 11+ messages in thread From: Woodrow Douglass via buildroot @ 2024-08-21 12:44 UTC (permalink / raw) To: buildroot; +Cc: Woodrow Douglass This release includes a fix for CVE-2022-45145 Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> -- Changes v2 -> v3: - Add this changelog to commit message - Add Signed-off-by to commit message Changes v1 -> v2: - Update version numbers in hash file Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> --- package/chicken/chicken.hash | 4 ++-- package/chicken/chicken.mk | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash index 5a553da792..0a3b0b15ce 100644 --- a/package/chicken/chicken.hash +++ b/package/chicken/chicken.hash @@ -1,4 +1,4 @@ -# From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256 -sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz +# From https://code.call-cc.org/releases/5.4.0/chicken-5.4.0.tar.gz.sha256 +sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.4.0.tar.gz # Locally computed sha256 b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 LICENSE diff --git a/package/chicken/chicken.mk b/package/chicken/chicken.mk index 0000fc635e..ca5f756995 100644 --- a/package/chicken/chicken.mk +++ b/package/chicken/chicken.mk @@ -4,7 +4,7 @@ # ################################################################################ -CHICKEN_VERSION = 5.3.0 +CHICKEN_VERSION = 5.4.0 CHICKEN_SITE = https://code.call-cc.org/releases/$(CHICKEN_VERSION) CHICKEN_LICENSE = BSD-3-Clause CHICKEN_LICENSE_FILES = LICENSE -- 2.39.2 _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH v3] package/chicken: security bump to 5.4.0 2024-08-21 12:44 ` [Buildroot] [PATCH v3] " Woodrow Douglass via buildroot @ 2024-08-24 7:07 ` Thomas Petazzoni via buildroot 2024-08-26 13:07 ` Woody Douglass via buildroot 2024-08-26 13:10 ` [Buildroot] [PATCH v4] " Woodrow Douglass via buildroot 0 siblings, 2 replies; 11+ messages in thread From: Thomas Petazzoni via buildroot @ 2024-08-24 7:07 UTC (permalink / raw) To: Woodrow Douglass via buildroot; +Cc: Woodrow Douglass On Wed, 21 Aug 2024 08:44:14 -0400 Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote: > This release includes a fix for CVE-2022-45145 > > Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> > > -- > Changes v2 -> v3: > - Add this changelog to commit message > - Add Signed-off-by to commit message > > Changes v1 -> v2: > - Update version numbers in hash file > > Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> > --- > package/chicken/chicken.hash | 4 ++-- > package/chicken/chicken.mk | 2 +- > 2 files changed, 3 insertions(+), 3 deletions(-) Sorry to be annoying, but this patch breaks the legal information for this package: >>> chicken 5.4.0 Patching >>> chicken 5.4.0 Collecting legal info ERROR: while checking hashes from package/chicken/chicken.hash ERROR: LICENSE has wrong sha256 hash: ERROR: expected: b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 ERROR: got : c0ed699d5c4a8687f90a6488244f7f57d48a7f2d42bb7461b08a0d69a07d4f58 ERROR: Incomplete download, or man-in-the-middle (MITM) attack make: *** [package/chicken/chicken.mk:46: chicken-legal-info] Error 1 So the hash of the license file needs to be updated *and* an explanation about the changes in the license files must be added in the commit log. Also, please note that updating from 5.3.0 to 5.4.0 is OK as the package is new in 2024.08, but as it fixes a security issue, we need to have this fix in master, and therefore a more minimal update to 5.3.1 would have been preferable for master (and the update to 5.4.0 in our next branch). But again, as this package is new, I think it is OK to upgrade to 5.4.0 even in our master branch. Thomas -- Thomas Petazzoni, CTO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH v3] package/chicken: security bump to 5.4.0 2024-08-24 7:07 ` Thomas Petazzoni via buildroot @ 2024-08-26 13:07 ` Woody Douglass via buildroot 2024-08-26 13:10 ` [Buildroot] [PATCH v4] " Woodrow Douglass via buildroot 1 sibling, 0 replies; 11+ messages in thread From: Woody Douglass via buildroot @ 2024-08-26 13:07 UTC (permalink / raw) To: Thomas Petazzoni, Woodrow Douglass via buildroot On 8/24/24 03:07, Thomas Petazzoni wrote: > CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender. > > > On Wed, 21 Aug 2024 08:44:14 -0400 > Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote: > >> This release includes a fix for CVE-2022-45145 >> >> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> >> >> -- >> Changes v2 -> v3: >> - Add this changelog to commit message >> - Add Signed-off-by to commit message >> >> Changes v1 -> v2: >> - Update version numbers in hash file >> >> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> >> --- >> package/chicken/chicken.hash | 4 ++-- >> package/chicken/chicken.mk | 2 +- >> 2 files changed, 3 insertions(+), 3 deletions(-) > Sorry to be annoying, but this patch breaks the legal information for Not annoying at all, it's my lack of diligence, I'm sorry. I'll add `make chicken-legal-info` to my list of things i do to test. > this package: > >>>> chicken 5.4.0 Patching >>>> chicken 5.4.0 Collecting legal info > ERROR: while checking hashes from package/chicken/chicken.hash > ERROR: LICENSE has wrong sha256 hash: > ERROR: expected: b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 > ERROR: got : c0ed699d5c4a8687f90a6488244f7f57d48a7f2d42bb7461b08a0d69a07d4f58 > ERROR: Incomplete download, or man-in-the-middle (MITM) attack > make: *** [package/chicken/chicken.mk:46: chicken-legal-info] Error 1 > > So the hash of the license file needs to be updated *and* an > explanation about the changes in the license files must be added in the > commit log. > > Also, please note that updating from 5.3.0 to 5.4.0 is OK as the > package is new in 2024.08, but as it fixes a security issue, we need to > have this fix in master, and therefore a more minimal update to 5.3.1 > would have been preferable for master (and the update to 5.4.0 in our > next branch). But again, as this package is new, I think it is OK to > upgrade to 5.4.0 even in our master branch. > > Thomas > -- > Thomas Petazzoni, CTO, Bootlin > Embedded Linux and Kernel engineering > https://bootlin.com I'll send a revision of the patch soon Thanks, Woodrow Douglass _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 11+ messages in thread
* [Buildroot] [PATCH v4] package/chicken: security bump to 5.4.0 2024-08-24 7:07 ` Thomas Petazzoni via buildroot 2024-08-26 13:07 ` Woody Douglass via buildroot @ 2024-08-26 13:10 ` Woodrow Douglass via buildroot 2024-08-26 16:33 ` Thomas Petazzoni via buildroot 1 sibling, 1 reply; 11+ messages in thread From: Woodrow Douglass via buildroot @ 2024-08-26 13:10 UTC (permalink / raw) To: buildroot; +Cc: Woodrow Douglass This release includes a fix for CVE-2022-45145. Also, a copyright date in the LICENSE file changed, so the hash for it has changed too. Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> -- Changes v3 -> v4: - Fix incorrect license hash Changes v2 -> v3: - Add this changelog to commit message - Add Signed-off-by to commit message Changes v1 -> v2: - Update version numbers in hash file Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> --- package/chicken/chicken.hash | 6 +++--- package/chicken/chicken.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash index 5a553da792..bf2ea6902d 100644 --- a/package/chicken/chicken.hash +++ b/package/chicken/chicken.hash @@ -1,4 +1,4 @@ -# From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256 -sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz +# From https://code.call-cc.org/releases/5.4.0/chicken-5.4.0.tar.gz.sha256 +sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.4.0.tar.gz # Locally computed -sha256 b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 LICENSE +sha256 c0ed699d5c4a8687f90a6488244f7f57d48a7f2d42bb7461b08a0d69a07d4f58 LICENSE \ No newline at end of file diff --git a/package/chicken/chicken.mk b/package/chicken/chicken.mk index 0000fc635e..ca5f756995 100644 --- a/package/chicken/chicken.mk +++ b/package/chicken/chicken.mk @@ -4,7 +4,7 @@ # ################################################################################ -CHICKEN_VERSION = 5.3.0 +CHICKEN_VERSION = 5.4.0 CHICKEN_SITE = https://code.call-cc.org/releases/$(CHICKEN_VERSION) CHICKEN_LICENSE = BSD-3-Clause CHICKEN_LICENSE_FILES = LICENSE -- 2.39.2 _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [Buildroot] [PATCH v4] package/chicken: security bump to 5.4.0 2024-08-26 13:10 ` [Buildroot] [PATCH v4] " Woodrow Douglass via buildroot @ 2024-08-26 16:33 ` Thomas Petazzoni via buildroot 0 siblings, 0 replies; 11+ messages in thread From: Thomas Petazzoni via buildroot @ 2024-08-26 16:33 UTC (permalink / raw) To: Woodrow Douglass via buildroot; +Cc: Woodrow Douglass On Mon, 26 Aug 2024 09:10:25 -0400 Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote: > This release includes a fix for CVE-2022-45145. Also, a copyright date > in the LICENSE file changed, so the hash for it has changed too. > > Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> > > -- > Changes v3 -> v4: > - Fix incorrect license hash > > Changes v2 -> v3: > - Add this changelog to commit message > - Add Signed-off-by to commit message > > Changes v1 -> v2: > - Update version numbers in hash file > > Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com> > --- > package/chicken/chicken.hash | 6 +++--- > package/chicken/chicken.mk | 2 +- > 2 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash > index 5a553da792..bf2ea6902d 100644 > --- a/package/chicken/chicken.hash > +++ b/package/chicken/chicken.hash > @@ -1,4 +1,4 @@ > -# From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256 > -sha256 c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76 chicken-5.3.0.tar.gz > +# From https://code.call-cc.org/releases/5.4.0/chicken-5.4.0.tar.gz.sha256 > +sha256 3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f chicken-5.4.0.tar.gz > # Locally computed > -sha256 b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37 LICENSE > +sha256 c0ed699d5c4a8687f90a6488244f7f57d48a7f2d42bb7461b08a0d69a07d4f58 LICENSE > \ No newline at end of file ^^^ There was a minor issue here with the missing new line. This is spotted by "make check-package": WARNING: package/chicken/chicken.hash:4: missing newline at end of file I fixed that up, and applied to master. Thanks a lot! Thomas -- Thomas Petazzoni, co-owner and CEO, Bootlin Embedded Linux and Kernel engineering and training https://bootlin.com _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2024-08-26 16:34 UTC | newest] Thread overview: 11+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2024-08-19 12:26 [Buildroot] [PATCH 1/1] package/chicken: Update to 5.4.0 Woodrow Douglass via buildroot 2024-08-19 20:29 ` Thomas Petazzoni via buildroot 2024-08-20 11:32 ` Woody Douglass via buildroot 2024-08-20 11:40 ` [Buildroot] [PATCH] package/chicken: security bump " Woodrow Douglass via buildroot 2024-08-20 21:27 ` Thomas Petazzoni via buildroot 2024-08-21 12:40 ` Woody Douglass via buildroot 2024-08-21 12:44 ` [Buildroot] [PATCH v3] " Woodrow Douglass via buildroot 2024-08-24 7:07 ` Thomas Petazzoni via buildroot 2024-08-26 13:07 ` Woody Douglass via buildroot 2024-08-26 13:10 ` [Buildroot] [PATCH v4] " Woodrow Douglass via buildroot 2024-08-26 16:33 ` Thomas Petazzoni via buildroot
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox