[MacPorts] #50775: haproxy: update to 1.6.3
#50775: haproxy: update to 1.6.3 ------------------------+-------------------------------- Reporter: relgames@… | Owner: macports-tickets@… Type: update | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.4 Keywords: | Port: haproxy ------------------------+-------------------------------- {{{ $ port livecheck haproxy haproxy seems to have been updated (port version: 1.4.22, new version: 1.6.3) }}} -- Ticket URL: <https://trac.macports.org/ticket/50775> MacPorts <https://www.macports.org/> Ports system for OS X
#50775: haproxy: update to 1.6.3 -------------------------+------------------- Reporter: relgames@… | Owner: sam@… Type: update | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: haproxy | -------------------------+------------------- Changes (by mf2k@…): * owner: macports-tickets@… => sam@… * version: 2.3.4 => Comment: Thanks. In the future, please Cc the port maintainers ({{{port info --maintainers haproxy}}}), if any. A comment about the patch. The rmd160 and sha256 checksums need to stay. See the [https://guide.macports.org/#reference.phases.checksum guide section about checksums]. md5 is considered insecure but can be kept if upstream publishes it. -- Ticket URL: <https://trac.macports.org/ticket/50775#comment:1> MacPorts <https://www.macports.org/> Ports system for OS X
#50775: haproxy: update to 1.6.3 -------------------------+------------------- Reporter: relgames@… | Owner: sam@… Type: update | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: haproxy | -------------------------+------------------- Comment (by relgames@…): Replying to [comment:1 mf2k@…]:
A comment about the patch. The rmd160 and sha256 checksums need to stay. See the [https://guide.macports.org/#reference.phases.checksum guide section about checksums]. md5 is considered insecure but can be kept if upstream publishes it.
HAproxy download page has only MD5 hashes http://www.haproxy.org/download/1.6/src/ Meaning, rmd160 and sha256 will be calculated by me and not taken from the upstream. If MD5 is insecure, what makes you think I can't be affected? Hashes calculated by me can't be validated by checking upstream download page, you'll need to either trust me or re-calculate hashes yourself. Do you still think I should do it?.. -- Ticket URL: <https://trac.macports.org/ticket/50775#comment:2> MacPorts <https://www.macports.org/> Ports system for OS X
#50775: haproxy: update to 1.6.3 -------------------------+------------------- Reporter: relgames@… | Owner: sam@… Type: update | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: haproxy | -------------------------+------------------- Comment (by dluke@…): The stronger hashes main function is to ensure that the file that an end- user operates on is the same file as the one the maintainer intended it to operate on. -- Ticket URL: <https://trac.macports.org/ticket/50775#comment:3> MacPorts <https://www.macports.org/> Ports system for OS X
#50775: haproxy: update to 1.6.3 -------------------------+------------------- Reporter: relgames@… | Owner: sam@… Type: update | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: haproxy | -------------------------+------------------- Comment (by jeremy.mcmillan@…): Subsumed by #51492 [haproxy Portfile diff update 1.4.22 --> 1.6.5] -- Ticket URL: <https://trac.macports.org/ticket/50775#comment:4> MacPorts <https://www.macports.org/> Ports system for OS X
participants (1)
-
MacPorts