[PATCH] fix source package verification in desktop-linux-kde
14 views
Skip to first unread message
HW42
Nov 20, 2015, 7:15:54 PM11/20/15
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi,
the source tarballs in desktop-linux-kde were still verified only by
md5. This patch uses sha512 instead. Please double check the checksums.
HW42
PS: What do you think of centralizing the download and verification
code? Currently every component calls manually wget and sha*sum/gpg.
This should help avoid such errors and make modification easier.
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWT7etAAoJEOSsySeKZGgWR/4QAL4ScJ63wA5P9ksLSIh7Stmd
v30Hy+SHXIJwDfj0/n3cS0HIb/PAw3hyGy1WpgLBA9XcvJ8HE3p6UhZW/yqiNWF8
7ybD6qlspGJ+oSwsvOMvmDW8w2ZBDtzGPY1j+ecKwqKE4wT55yk0GjzXZK+Weq+E
OVeEwaZxBohi+ao6hC/ge5qOll5KzEKRUZIm99ZLumy6unh9OoxVV/cOuNjZMyoQ
I9+47QaDKR58cWfAfcH439k62Yo0ABLbY9Q4IGOa/b+RveznR34xxqhzuwm7wFl+
E04Bq3eL9oX+I/3T9ACLLeUmcIDsi42pH4oadYMXh+zM6Pk64UNlnSTV2RrRHGlL
qi4PnDjs+tlXfSGYjHkOb5JdMwHjUnnYhqtRC7mF41+QInGd/p/EkCiUk63PP4S9
Uf79SMxVOJ6DCVc+1XnsoCnDZRFYn73JI7S9K+LhLz7MiRAlBUUtUBZxqG38JSCU
tG+Cklc1ZlI7zcvED12dI5/JwuxztHGSbv2afaiqvwziAWo3iMDPUsE5hT0ernEK
nP1TJ7bV7BUf0M9xYPyi3VBOkpoajuVy4E0RnrT/DWs7D+k5Wde+MPla/Z5irNtU
PKMciWG+N/U6iwVrtUUYHk7MUY+fFUgJfeZ4yPqkBqCbWtcrnqzhUz47RE36SCi7
Q8kagd9rHZFUZIP/bk9n
=dZe8
-----END PGP SIGNATURE-----
Hash: SHA512
Hi,
the source tarballs in desktop-linux-kde were still verified only by
md5. This patch uses sha512 instead. Please double check the checksums.
HW42
PS: What do you think of centralizing the download and verification
code? Currently every component calls manually wget and sha*sum/gpg.
This should help avoid such errors and make modification easier.
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWT7etAAoJEOSsySeKZGgWR/4QAL4ScJ63wA5P9ksLSIh7Stmd
v30Hy+SHXIJwDfj0/n3cS0HIb/PAw3hyGy1WpgLBA9XcvJ8HE3p6UhZW/yqiNWF8
7ybD6qlspGJ+oSwsvOMvmDW8w2ZBDtzGPY1j+ecKwqKE4wT55yk0GjzXZK+Weq+E
OVeEwaZxBohi+ao6hC/ge5qOll5KzEKRUZIm99ZLumy6unh9OoxVV/cOuNjZMyoQ
I9+47QaDKR58cWfAfcH439k62Yo0ABLbY9Q4IGOa/b+RveznR34xxqhzuwm7wFl+
E04Bq3eL9oX+I/3T9ACLLeUmcIDsi42pH4oadYMXh+zM6Pk64UNlnSTV2RrRHGlL
qi4PnDjs+tlXfSGYjHkOb5JdMwHjUnnYhqtRC7mF41+QInGd/p/EkCiUk63PP4S9
Uf79SMxVOJ6DCVc+1XnsoCnDZRFYn73JI7S9K+LhLz7MiRAlBUUtUBZxqG38JSCU
tG+Cklc1ZlI7zcvED12dI5/JwuxztHGSbv2afaiqvwziAWo3iMDPUsE5hT0ernEK
nP1TJ7bV7BUf0M9xYPyi3VBOkpoajuVy4E0RnrT/DWs7D+k5Wde+MPla/Z5irNtU
PKMciWG+N/U6iwVrtUUYHk7MUY+fFUgJfeZ4yPqkBqCbWtcrnqzhUz47RE36SCi7
Q8kagd9rHZFUZIP/bk9n
=dZe8
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages