change date

Home » Asterisk Users » change date
Asterisk Users 2 Comments

Hi,

why have many files on
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ the
change date 18 aug 2009? See:

asterisk-1.2.24-patch.gz 07-Aug-2007 17:10 3.2K
asterisk-1.2.24-patch.gz.asc 07-Aug-2007 17:10 1.1K
asterisk-1.2.24-patch.gz.sha1 07-Aug-2007 17:10 67
asterisk-1.2.24.tar.gz 18-Aug-2009 16:33 28M
asterisk-1.2.24.tar.gz.asc 18-Aug-2009 16:33 1.0K
asterisk-1.2.24.tar.gz.sha1 18-Aug-2009 16:33 65
asterisk-1.2.25-patch.gz 29-Nov-2007 15:59 1.5K
asterisk-1.2.25-patch.gz.asc 29-Nov-2007 15:59 567

I try to repair the openembedded recipes an the recipe have also an
different checksum.

NOTE: fetch
http://downloads.asterisk.org/pub/telephony/asterisk/releases/asterisk-1.2.24.tar.gz
NOTE: The checksums for
‘/home/klaus/development/oe/downloads/asterisk-1.2.24.tar.gz’ did not match.
Expected MD5: ’63dc8b7be4cd10375c5fbda893c780bc’ and Got:
‘db7bcaaa494804af361157a37c224dfa’
Expected SHA256:
‘9debaf410636fa477e1e1f09fe0b16a1c2814afaf7195f34f29e4ce5b8debbbd’ and
Got: ‘eed3493b1409d7100e0f983af0486bd7f8965e9e47b7a6d5ab8539b2dd3609aa’
NOTE: Your checksums:
SRC_URI[md5sum] = “db7bcaaa494804af361157a37c224dfa”
SRC_URI[sha256sum] =
“eed3493b1409d7100e0f983af0486bd7f8965e9e47b7a6d5ab8539b2dd3609aa”

Greetings

Klaus

2 thoughts on - change date

  • Due to a licensing issue with some of the files we distributed with previous
    tarballs, we removed those files from archived tarballs in order to avoid
    continuing to distribute those files in any form. So yes, the checksums
    will have changed, although the checksums we distribute with the tarballs
    were also updated at the same time.

    Given that most of the changes since 1.2.24 have been security fixes, I
    would strongly encourage you to update your packages. There is no excuse
    for distributing vulnerable packages beyond the date that the vulnerability
    is disclosed, plus a brief period necessary for releasing updated packages.

    Additionally, the 1.2 branch has been EOLed, which means if any additional
    security issues are found, we will not be releasing updated packages to
    deal with those issues. For this reason, you would be better off putting
    forth the work to release packages based upon 1.4 or 1.8.

  • Am 29.11.2010 08:20, schrieb Tilghman Lesher:

    Thanks for the detailed information. There are recipes with the new
    version. I recommend to delete the old one.

    Greetings,

    Klaus