> On Oct 5, 2016, at 4:52 PM, Khem Raj <raj.k...@gmail.com> wrote: >> On Oct 5, 2016, at 4:45 PM, Randy Mortensen <ran...@stratagemsystems.com> >> wrote: >>> On Oct 5, 2016, at 5:04 PM, Darcy Watkins <dwatk...@sierrawireless.com> >>> wrote: >>> >>> From what I gleaned from recent discussions of fetcher errors, this is >>> somehow connected with rollout of Python related security fixes to various >>> Linux distributions and/or some ...-native recipes. >>> >>> It was a bunch of tar balls that are named as mercurial hashes from within >>> iced tea rather than the yocto fetch. I worked around it by grabbing the >>> tarballs from a different checkout since I didn't have time to dig into it. >>> >>> It affected a fresh checkout I was building from scratch. >>> >> Thanks for the response. This also happened to me when trying to build from >> scratch. >> For my clarification, did you already have the tar balls downloaded or were >> you able to download them from a previous (icedtea) commit somehow?
I had the tar balls in a different build that I had around for some time. The reason I never cached these ones in a shared location on our server was I felt that tar balls with small hashes as filenames was too prone to collisions, especially without a package name as a prefix. I don't know if that is a convention of iced tea, or how the fetcher handles mercurial. > Can you check if the tarballs have been rebuilt upstream ? if so we should > try to find out what changed. > It could also be an oversight that a recipe update forgot or updated the > checksums wrongly. but we should try to root cause it I agree here. We should root cause it. --- Regards, Darcy Darcy Watkins Staff Engineer, Firmware Sierra Wireless http://sierrawireless.com [M4] -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto