[Buildroot] [PATCH 1/1] package/vlc: security bump version to 3.0.18
Peter Korsgaard
peter at korsgaard.com
Thu Dec 1 20:55:12 UTC 2022
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls at t-online.de> writes:
> Removed patch 0010, a different fix was applied upstream:
> https://code.videolan.org/videolan/vlc/-/commit/05445b74a38d045cb28f71f96ccbe882445a031e
> Removed patch 0011 which was backported from upstream.
> Renumbered patch 0012 -> 0010.
> Release notes:
> http://www.videolan.org/vlc/releases/3.0.18.html
> Fixes CVE-2022-41325:
> http://www.videolan.org/security/sb-vlc3018.html
> Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>
> +++ b/package/vlc/vlc.hash
> @@ -1,7 +1,7 @@
> -# From https://get.videolan.org/vlc/3.0.17.4/vlc-3.0.17.4.tar.xz.sha256
> -sha256 8c5a62d88a4fb45c1b095cf10befef217dfa87aedcec5184b9e7d590b6dd4133 vlc-3.0.17.4.tar.xz
> -# From https://get.videolan.org/vlc/3.0.17.4/vlc-3.0.17.4.tar.xz.sha1
> -sha1 ebcd9939103fda141267c5a8f1c603df4533218e vlc-3.0.17.4.tar.xz
> +# From https://get.videolan.org/vlc/3.0.18/vlc-3.0.18.tar.xz.sha256
> +sha256 57094439c365d8aa8b9b41fa3080cc0eef2befe6025bb5cef722accc625aedec vlc-3.0.18.tar.xz
> +# From https://get.videolan.org/vlc/3.0.18/vlc-3.0.18.tar.xz.sha1
> +sha1 b11ccaa0f5ee15a550564817d60458eb0946f80e *vlc-3.0.18.tar.xz
You have a * before the filename, which get flagged by check-package:
Applying: package/vlc: security bump version to 3.0.18
package/vlc/vlc.hash:4: separation does not match expectation (http://nightly.buildroot.org/#adding-packages-hash)
Committed with that fixed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list