[Buildroot] [PATCHv2] package/ncurses: add upstream (security) patches up to 20200118

Peter Korsgaard peter at korsgaard.com
Wed Feb 5 18:26:58 UTC 2020


>>>>> "Yann" == Yann E MORIN <yann.morin.1998 at free.fr> writes:

 > Peter, Thomas, All,
 > On 2020-02-05 14:31 +0100, Thomas De Schampheleire spake thusly:
 >> From: Peter Korsgaard <peter at korsgaard.com>
 >> Fixes the following security issues:
 > [--SNIP--]
 >> While we are at it, adjust the white space in the .hash file to match
 >> sha256sum output for consistency.
 > [--SNIP--]
 >> # Locally computed
 >> -sha256	86106f0da1cf5ccfa0f0651665dd1b4515e8edad1c7972780155770548b317d9	COPYING
 >> +sha256  86106f0da1cf5ccfa0f0651665dd1b4515e8edad1c7972780155770548b317d9  COPYING

 > The hash for the license file is now wrong:

 >>>> ncurses 6.1 Collecting legal info
 >     ERROR: COPYING has wrong sha256 hash:
 >     ERROR: expected:
 >     86106f0da1cf5ccfa0f0651665dd1b4515e8edad1c7972780155770548b317d9
 >     ERROR: got     :
 >     4d1fde61868c73776a539366dccf5d5a4857e7fd7299efb1f02e07c2afe9ea87
 >     ERROR: Incomplete download, or man-in-the-middle (MITM) attack
 >     make[1]: *** [package/ncurses/ncurses.mk:200: ncurses-legal-info] Error 1
 >     make: *** [Makefile:23: _all] Error 2

 > That's because it has been changed by ncurses-6.1-20200104, to change
 > the Copyright year.

 > Fixed that and pushed, thanks.

Ups, thanks!

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list