[Buildroot] [PATCH 1/3] package/libva: Bump version to 1.4.0

Bernd Kuhls bernd.kuhls at t-online.de
Tue Oct 7 20:58:49 UTC 2014


Peter Korsgaard <jacmet at uclibc.org> wrote in 
news:87ppe3fwnn.fsf at dell.be.48ers.dk:

> Committed all 3, thanks. For future patches, it would be good if you
> would add the tarball hashes as the libva* release announcements had
> them (I've added them now).

Hi,

ok, I will do so.

Until now I did not really bother for my non-security-related packages 
because I remembered the commit description
http://git.buildroot.net/buildroot/commit/support/download/check-hash?id=
9bd8b59526c4521879f0ae5f765cb1a748725c49 where Yann talked about "sensitive 
packages, related to security: openssl, dropbear, ca-certificates...", so I 
thought hashes are optional[1]. It seems I did not notice the change of 
policy regarding hashes.
In other words: Is there a reason _not_ to include a hash for a source 
tarball?

Regards, Bernd

[1] According to the doc
http://buildroot.uclibc.org/downloads/manual/manual.html#adding-packages-hash
they are still optional ;)



More information about the buildroot mailing list