[arch-general] Severity of Failed checksum for PKGBUILD
Mark Lee
mark at markelee.com
Thu Feb 19 20:15:42 UTC 2015
Salutations,
After trying to build the mpv-0.8.0-1 and finding that the PKGBUILD's
checksum was incorrect, I filed a bug report. See
<https://bugs.archlinux.org/task/43882?project=5&cat%5B0%5D=33&string=mpv>.
I filed it under "critical" since an incorrect checksum means that the
package was built from source that doesn't match upstream's source. I
was told it's not a critical issue and it was downgraded to medium. I'm
wondering why incorrect checksums aren't considered "critical".
Regards,
Mark
More information about the arch-general
mailing list