FS#54007 : [xz] PKGBUILD not using HTTPS for sources and using weak hash

FS#54007 - [xz] PKGBUILD not using HTTPS for sources and using weak hash

Attached to Project: Arch Linux
Opened by Luke (Gaming4JC) - Thursday, 11 May 2017, 02:04 GMT
Last edited by Doug Newgard (Scimmia) - Thursday, 11 May 2017, 02:49 GMT

Task Type	Bug Report
Category	Packages: Core
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Description: I noticed this package is not using HTTPS and using weak MD5 (which is considered broken since 2004).
Attached is a fixed version of the PKGBUILD to resolve these issues.

PKGBUILD (1.3 KiB)

This task depends upon

Closed by Doug Newgard (Scimmia)
Thursday, 11 May 2017, 02:49 GMT
Reason for closing: Not a bug
Additional comments about closing: http redirects, and nobody cares about the checksum, especially when it uses pgp.

Comments (0)
Related Tasks (0/0)

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#54007 - [xz] PKGBUILD not using HTTPS for sources and using weak hash

Details

Loading...