diff mbox series

[v4] package/chicken: security bump to 5.4.0

Message ID 20240826131025.17969-1-wdouglass@carnegierobotics.com
State Accepted
Headers show
Series [v4] package/chicken: security bump to 5.4.0 | expand

Commit Message

Woodrow Douglass Aug. 26, 2024, 1:10 p.m. UTC 
This release includes a fix for CVE-2022-45145. Also, a copyright date
in the LICENSE file changed, so the hash for it has changed too.

Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>

--
Changes v3 -> v4:
  - Fix incorrect license hash

Changes v2 -> v3:
  - Add this changelog to commit message
  - Add Signed-off-by to commit message

Changes v1 -> v2:
  - Update version numbers in hash file

Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
---
 package/chicken/chicken.hash | 6 +++---
 package/chicken/chicken.mk   | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

Comments

Thomas Petazzoni Aug. 26, 2024, 4:33 p.m. UTC | #1 
On Mon, 26 Aug 2024 09:10:25 -0400
Woodrow Douglass via buildroot <buildroot@buildroot.org> wrote:

> This release includes a fix for CVE-2022-45145. Also, a copyright date
> in the LICENSE file changed, so the hash for it has changed too.
> 
> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
> 
> --
> Changes v3 -> v4:
>   - Fix incorrect license hash
> 
> Changes v2 -> v3:
>   - Add this changelog to commit message
>   - Add Signed-off-by to commit message
> 
> Changes v1 -> v2:
>   - Update version numbers in hash file
> 
> Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
> ---
>  package/chicken/chicken.hash | 6 +++---
>  package/chicken/chicken.mk   | 2 +-
>  2 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash
> index 5a553da792..bf2ea6902d 100644
> --- a/package/chicken/chicken.hash
> +++ b/package/chicken/chicken.hash
> @@ -1,4 +1,4 @@
> -# From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256
> -sha256  c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76  chicken-5.3.0.tar.gz
> +# From https://code.call-cc.org/releases/5.4.0/chicken-5.4.0.tar.gz.sha256
> +sha256  3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f  chicken-5.4.0.tar.gz
>  # Locally computed
> -sha256  b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37  LICENSE
> +sha256  c0ed699d5c4a8687f90a6488244f7f57d48a7f2d42bb7461b08a0d69a07d4f58  LICENSE
> \ No newline at end of file

^^^ There was a minor issue here with the missing new line. This is
spotted by "make check-package":

WARNING: package/chicken/chicken.hash:4: missing newline at end of file

I fixed that up, and applied to master. Thanks a lot!

Thomas
diff mbox series

Patch

diff --git a/package/chicken/chicken.hash b/package/chicken/chicken.hash
index 5a553da792..bf2ea6902d 100644
--- a/package/chicken/chicken.hash
+++ b/package/chicken/chicken.hash
@@ -1,4 +1,4 @@ 
-# From https://code.call-cc.org/releases/5.3.0/chicken-5.3.0.tar.gz.sha256
-sha256  c3ad99d8f9e17ed810912ef981ac3b0c2e2f46fb0ecc033b5c3b6dca1bdb0d76  chicken-5.3.0.tar.gz
+# From https://code.call-cc.org/releases/5.4.0/chicken-5.4.0.tar.gz.sha256
+sha256  3c5d4aa61c1167bf6d9bf9eaf891da7630ba9f5f3c15bf09515a7039bfcdec5f  chicken-5.4.0.tar.gz
 # Locally computed
-sha256  b434ac92e094214136a6b5032f0dc9da97f22cef084ac1d0131b02a09e2caa37  LICENSE
+sha256  c0ed699d5c4a8687f90a6488244f7f57d48a7f2d42bb7461b08a0d69a07d4f58  LICENSE
\ No newline at end of file
diff --git a/package/chicken/chicken.mk b/package/chicken/chicken.mk
index 0000fc635e..ca5f756995 100644
--- a/package/chicken/chicken.mk
+++ b/package/chicken/chicken.mk
@@ -4,7 +4,7 @@ 
 #
 ################################################################################
 
-CHICKEN_VERSION = 5.3.0
+CHICKEN_VERSION = 5.4.0
 CHICKEN_SITE = https://code.call-cc.org/releases/$(CHICKEN_VERSION)
 CHICKEN_LICENSE = BSD-3-Clause
 CHICKEN_LICENSE_FILES = LICENSE