Message ID | 1415969096-3032-3-git-send-email-gustavo@zacarias.com.ar |
---|---|
State | Rejected |
Headers | show |
Dear Gustavo Zacarias, On Fri, 14 Nov 2014 09:44:48 -0300, Gustavo Zacarias wrote: > Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> > --- > package/dash/dash.hash | 4 ++-- > package/dash/dash.mk | 4 ++-- > 2 files changed, 4 insertions(+), 4 deletions(-) Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Peter, this one should probably go in 2014.11. Thomas
>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@free-electrons.com> writes: > Dear Gustavo Zacarias, > On Fri, 14 Nov 2014 09:44:48 -0300, Gustavo Zacarias wrote: >> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> >> --- >> package/dash/dash.hash | 4 ++-- >> package/dash/dash.mk | 4 ++-- >> 2 files changed, 4 insertions(+), 4 deletions(-) > Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> > Peter, this one should probably go in 2014.11. Why? Is it security related? I don't see anything special in the changelog. In fact, I don't see anything affecting us at all: http://metadata.ftp-master.debian.org/changelogs//main/d/dash/dash_0.5.8-2_changelog
Dear Peter Korsgaard, On Fri, 14 Nov 2014 14:39:00 +0100, Peter Korsgaard wrote: > >>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@free-electrons.com> writes: > > > Dear Gustavo Zacarias, > > On Fri, 14 Nov 2014 09:44:48 -0300, Gustavo Zacarias wrote: > >> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> > >> --- > >> package/dash/dash.hash | 4 ++-- > >> package/dash/dash.mk | 4 ++-- > >> 2 files changed, 4 insertions(+), 4 deletions(-) > > > Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> > > > Peter, this one should probably go in 2014.11. > > Why? Is it security related? I don't see anything special in the > changelog. In fact, I don't see anything affecting us at all: > > http://metadata.ftp-master.debian.org/changelogs//main/d/dash/dash_0.5.8-2_changelog I should have said: s/should/could/. I believe it's a minor update, and it's adding hash files, so it's fine for 2014.11. But it's your call :) Thomas
>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@free-electrons.com> writes: Hi, >> > Peter, this one should probably go in 2014.11. >> >> Why? Is it security related? I don't see anything special in the >> changelog. In fact, I don't see anything affecting us at all: >> >> http://metadata.ftp-master.debian.org/changelogs//main/d/dash/dash_0.5.8-2_changelog > I should have said: s/should/could/. I believe it's a minor update, and > it's adding hash files, so it's fine for 2014.11. But it's your call :) Ok. It only updates the .hash, we already have it for -1. Gustavoz, what is the reason for the bump? According to the changelog the only difference is in the debian packaging (should we also pass --disable-lineno?)
On 11/14/2014 10:49 AM, Peter Korsgaard wrote: > Ok. It only updates the .hash, we already have it for -1. > > Gustavoz, what is the reason for the bump? According to the changelog > the only difference is in the debian packaging (should we also pass > --disable-lineno?) Many tiny fixes, it's not only that. I think we could consider it a security fix even if there's no know/public vulnerability yet: https://cygwin.com/ml/cygwin-announce/2014-09/msg00043.html Regards.
diff --git a/package/dash/dash.hash b/package/dash/dash.hash index 0198cd8..c4e60a4 100644 --- a/package/dash/dash.hash +++ b/package/dash/dash.hash @@ -1,3 +1,3 @@ -# From http://ftp.debian.org/debian/pool/main/d/dash/dash_0.5.8-1.dsc +# From http://ftp.debian.org/debian/pool/main/d/dash/dash_0.5.8-2.dsc sha256 c6db3a237747b02d20382a761397563d813b306c020ae28ce25a1c3915fac60f dash_0.5.8.orig.tar.gz -sha256 d751769cc1ef8b825a177e782f1cd3e35bde7c268107fa4febf8d235e12c64d9 dash_0.5.8-1.diff.gz +sha256 00168a934864c26cae9a51367fe7ea013ece2d4844ff8bd6893fc00a8fa7b38c dash_0.5.8-2.diff.gz diff --git a/package/dash/dash.mk b/package/dash/dash.mk index ed8525c..13169d1 100644 --- a/package/dash/dash.mk +++ b/package/dash/dash.mk @@ -6,8 +6,8 @@ DASH_VERSION = 0.5.8 DASH_SOURCE = dash_$(DASH_VERSION).orig.tar.gz -DASH_SITE = http://snapshot.debian.org/archive/debian/20141023T043132Z/pool/main/d/dash -DASH_PATCH = dash_$(DASH_VERSION)-1.diff.gz +DASH_SITE = http://snapshot.debian.org/archive/debian/20141022T163236Z/pool/main/d/dash +DASH_PATCH = dash_$(DASH_VERSION)-2.diff.gz DASH_LICENSE = BSD-3c, GPLv2+ (mksignames.c) DASH_LICENSE_FILES = COPYING
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> --- package/dash/dash.hash | 4 ++-- package/dash/dash.mk | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-)