Skip to content

Make LZMA support optional #849

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
heitbaum wants to merge 1 commit into
base: Omega
Choose a base branch
from
Open

Make LZMA support optional #849

heitbaum wants to merge 1 commit into from

Conversation

@heitbaum
Copy link

@heitbaum heitbaum commented Mar 30, 2024

With the malicious actor changes to upstream xz, make the LZMA library optional. .xz support in pvr.iptvsimple is limited to epg files.

@heitbaum
Make LZMA support optional
e40efa1 
Signed-off-by: Rudi Heitbaum <[email protected]>
@AlwinEsch
Copy link
Contributor

AlwinEsch commented Mar 30, 2024

NOTE:: There also xz-utils 5.4.3 where use the bad checksum and possible download from dangerous source place! Should changed too.

-- verifying file...
       file='C:/jenkins-workspace/workspace/binary-addons/kodi-windows-i686-Omega/cmake/addons/build/download/xz-5.4.3.tar.xz'
-- SHA256 hash of
    C:/jenkins-workspace/workspace/binary-addons/kodi-windows-i686-Omega/cmake/addons/build/download/xz-5.4.3.tar.xz
  does not match expected value
    expected: '92177bef62c3824b4badc524f8abcce54a20b7dbcfb84cde0a2eb8b49159518c'
      actual: '6732bd6c5e2cc7f520a645bdb006a286c7790f73950213cd59d2a9e4e4fd3d36'

@AlwinEsch
Copy link
Contributor

AlwinEsch commented Mar 30, 2024
edited
Loading

NOTE:: There also xz-utils 5.4.3 where use the bad checksum and possible download from dangerous source place! Should changed too.
....

@phunkyfish created a request here about #850

@AlwinEsch AlwinEsch requested a review from phunkyfish March 30, 2024 10:19
@phunkyfish
Copy link
Member

phunkyfish commented Mar 30, 2024

NOTE:: There also xz-utils 5.4.3 where use the bad checksum and possible download from dangerous source place! Should changed too.
....

@phunkyfish created a request here about #850

This won’t work unfortunately. 5.4.1 won’t build for win UWP. So we’ll just need to upload 5.4.3 to our kodi mirrors

@phunkyfish
Copy link
Member

phunkyfish commented Mar 30, 2024

I think is too much of a change, we don't link xz with sshd so this is a non-issue IMHO. Plus we are using an older version which should be safe anyway.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@phunkyfish phunkyfish Awaiting requested review from phunkyfish

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@heitbaum @AlwinEsch @phunkyfish