https://bugs.winehq.org/show_bug.cgi?id=47966
Bug ID: 47966 Summary: Please publish SHA256 sums for Wine releases/downloads Product: WineHQ.org Version: unspecified Hardware: Other OS: other Status: UNCONFIRMED Severity: major Priority: P2 Component: www-unknown Assignee: wine-bugs@winehq.org Reporter: aros@gmx.com
Thank you.
https://bugs.winehq.org/show_bug.cgi?id=47966
Zebediah Figura z.figura12@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Product|WineHQ.org |Packaging Component|www-unknown |wine-packages CC| |dimesio@earthlink.net, | |michael@fds-team.de, | |sebastian@fds-team.de, | |z.figura12@gmail.com
--- Comment #1 from Zebediah Figura z.figura12@gmail.com --- I think this is a packaging bug, though I could be wrong. Rosanne?
https://bugs.winehq.org/show_bug.cgi?id=47966
--- Comment #2 from Artem S. Tashkinov aros@gmx.com --- (In reply to Zebediah Figura from comment #1)
I think this is a packaging bug, though I could be wrong. Rosanne?
Any updates on this one?
It should be fairly easy and straightforward to implement.
https://bugs.winehq.org/show_bug.cgi?id=47966
--- Comment #3 from Rosanne DiMesio dimesio@earthlink.net --- Artem,
Are you talking about the source tarballs or the WineHQ binary packages? Because the sha256sums for the latter are already published. The Debian/Ubuntu ones are in the Packages files in the various subdirectories and the Fedora ones are in the primary.xml.gz files in the repodata subdirectories.
https://bugs.winehq.org/show_bug.cgi?id=47966
Artem S. Tashkinov aros@gmx.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |INVALID Status|UNCONFIRMED |RESOLVED
--- Comment #4 from Artem S. Tashkinov aros@gmx.com --- (In reply to Rosanne DiMesio from comment #3)
Artem,
Are you talking about the source tarballs or the WineHQ binary packages? Because the sha256sums for the latter are already published. The Debian/Ubuntu ones are in the Packages files in the various subdirectories and the Fedora ones are in the primary.xml.gz files in the repodata subdirectories.
I'm talking about source packages (tar/tar.xz). Distro binary packages are already signed for the distros which use signature verification.
Let's see:
https://www.winehq.org/announce/5.0-rc2 - no hash sum.
https://wiki.winehq.org/Download - no hash sum.
https://dl.winehq.org/wine/source/5.0/ - OK we've got a sign file which probably solves the case but still it won't hurt having hash sums published along downloads as well.
Anyways I'm closing this bug report not to waste anyone's time.
https://bugs.winehq.org/show_bug.cgi?id=47966
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|INVALID |FIXED
--- Comment #5 from Alexandre Julliard julliard@winehq.org --- I've added checksum files in the source directories.
https://bugs.winehq.org/show_bug.cgi?id=47966
Rosanne DiMesio dimesio@earthlink.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #6 from Rosanne DiMesio dimesio@earthlink.net --- Closing fixed packaging bug.
-
WineHQ Bugzilla