Message ID | 00582a8025a651a3aefbf46849f1dd36fd1cb940.1404416102.git.yann.morin.1998@free.fr |
---|---|
State | Accepted |
Headers | show |
>>>>> "Yann" == Yann E MORIN <yann.morin.1998@free.fr> writes: > ca-certificates contains sensitive security-related information, > and we want to ensure the archive that we download has not been > compromised. > Add the sha1 and sha256 hashes from Debian's packaging. > Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> > Cc: Martin Bark <martin@barkynet.com> > Reviewed-by: Samuel Martin <s.martin49@gmail.com> Committed, thanks.
diff --git a/package/ca-certificates/ca-certificates.hash b/package/ca-certificates/ca-certificates.hash new file mode 100644 index 0000000..bcd0723 --- /dev/null +++ b/package/ca-certificates/ca-certificates.hash @@ -0,0 +1,3 @@ +# hashes from: $(CA_CERTIFICATES_SITE)/ca-certificates_$(CA_CERTIFICATES_VERSION).dsc : +sha1 ad57a45f0422fafd78a2e8191e5204f2306cc91b ca-certificates_20140223.tar.xz +sha256 815b7cd97200b0d76450bb3e7d9b65997ac494ab6467b17369f65b2ef94bcb0c ca-certificates_20140223.tar.xz