[tor-bugs] #31564 [Applications/Tor Browser]: Android bundles based on ESR 68 are not built reproducibly anymore
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Oct 8 08:44:39 UTC 2019
#31564: Android bundles based on ESR 68 are not built reproducibly anymore
-------------------------------------------------+-------------------------
Reporter: gk | Owner: tbb-
| team
Type: defect | Status: closed
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution: fixed
Keywords: tbb-9.0-must-alpha, | Actual Points:
GeorgKoppen201909, TorBrowserTeam201910R |
Parent ID: #30324 | Points: 5
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by eighthave):
If you just need a single package from unstable, I think it would be
easiest to wget it, then verify with sha256, e.g. the info listed on
https://packages.debian.org/sid/all/apktool/download:
{{{
$ wget
https://deb.debian.org/debian/pool/main/a/apktool/apktool_2.4.0-1_all.deb
$ echo '15a2b72d1892cfd5e4a3e878d6286d6f3f3e4ff6dcf9819d726db10626bd8c01
apktool_2.4.0-1_all.deb' > apktool_2.4.0-1_all.deb.sha256
$ sha256sum -c apktool_2.4.0-1_all.deb.sha256
}}}
Otherwise, I'd use "Apt Pinning". That's a bit tricky to setup, ping me
if you want me to write that, I've done it a lot.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31564#comment:59>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list