[Buildroot] [PATCH 1/3] package/libva: Bump version to 1.4.0
Bernd Kuhls
bernd.kuhls at t-online.de
Tue Oct 7 20:58:49 UTC 2014
Peter Korsgaard <jacmet at uclibc.org> wrote in
news:87ppe3fwnn.fsf at dell.be.48ers.dk:
> Committed all 3, thanks. For future patches, it would be good if you
> would add the tarball hashes as the libva* release announcements had
> them (I've added them now).
Hi,
ok, I will do so.
Until now I did not really bother for my non-security-related packages
because I remembered the commit description
http://git.buildroot.net/buildroot/commit/support/download/check-hash?id=
9bd8b59526c4521879f0ae5f765cb1a748725c49 where Yann talked about "sensitive
packages, related to security: openssl, dropbear, ca-certificates...", so I
thought hashes are optional[1]. It seems I did not notice the change of
policy regarding hashes.
In other words: Is there a reason _not_ to include a hash for a source
tarball?
Regards, Bernd
[1] According to the doc
http://buildroot.uclibc.org/downloads/manual/manual.html#adding-packages-hash
they are still optional ;)
More information about the buildroot
mailing list