kumquat-buildroot/package/faad2/faad2.hash

# From http://sourceforge.net/projects/faac/files/faad2-src/faad2-2.8.0/ (used by upstream):
md5	28f6116efdbe9378269f8a6221767d1f  faad2-2.8.8.tar.gz
sha1	0d49c516d4a83c39053a9bd214fddba72cbc34ad  faad2-2.8.8.tar.gz
# Locally computed
sha256  985c3fadb9789d2815e50f4ff714511c79c2710ac27a4aaaf5c0c2662141426d  faad2-2.8.8.tar.gz
sha256  d3baf3a54943cf12a994c85867a18dec84f810901b2f2878ddfd77efcc3c150f  COPYING
faad2: security bump to version 2.8.1 Fixes: CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221, CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254, CVE-2017-9255, CVE-2017-9256, CVE-2017-9257 http://seclists.org/fulldisclosure/2017/Jun/32 Switch to .tar.bz2 to save some bandwidth. Add autoreconf since unfortunately upstream tarball does not ship the configure script. Cc: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> 2017-08-09 07:02:02 +02:00			`# From http://sourceforge.net/projects/faac/files/faad2-src/faad2-2.8.0/ (used by upstream):`
faad2: bump to version 2.8.8 Drop patch; issue fixed upstream. Add license file hash. Revert back to .tar.gz since that is what upstream provides. Remove autoreconf; tarball has configure script. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2017-12-24 20:49:12 +01:00			`md5 28f6116efdbe9378269f8a6221767d1f faad2-2.8.8.tar.gz`
			`sha1 0d49c516d4a83c39053a9bd214fddba72cbc34ad faad2-2.8.8.tar.gz`
package/faad2: add hash Upstream do not host the files, they are hosted on SourceForge; SF has both sha1 and md5, so use the sha1. Also add a strong, locally computed hash. Should fix build failures for which sourceforge sends garbage: http://autobuild.buildroot.org/results/f0a/f0a36c78fd910bc0aea54df4b76ab8a0f82f7ae4/ http://autobuild.buildroot.org/results/3d6/3d6134c71e57238d4d865040eac9f34e2d17844c/ http://autobuild.buildroot.org/results/232/2323f72f9b08ef8e20ec67a5aebfadd5b469a298/ ... [Peter: use correct sha1, add link to upstream page listing it] Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2014-12-14 19:21:57 +01:00			`# Locally computed`
faad2: bump to version 2.8.8 Drop patch; issue fixed upstream. Add license file hash. Revert back to .tar.gz since that is what upstream provides. Remove autoreconf; tarball has configure script. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2017-12-24 20:49:12 +01:00			`sha256 985c3fadb9789d2815e50f4ff714511c79c2710ac27a4aaaf5c0c2662141426d faad2-2.8.8.tar.gz`
			`sha256 d3baf3a54943cf12a994c85867a18dec84f810901b2f2878ddfd77efcc3c150f COPYING`