databases/mongodb 2.4.3 File size mismatch
John Marino
dragonflybsd at marino.st
Sat Apr 27 17:39:52 UTC 2013
On 4/27/2013 18:29, Lowell Gilbert wrote:
> klaasdemter at gmail.com writes:
>
>> something is wrong with mongodb port, make reports a mismatched file size.
>> => Attempting to fetch
>> http://downloads.mongodb.org/src/mongodb-src-r2.4.3.tar.gz
>> fetch: http://downloads.mongodb.org/src/mongodb-src-r2.4.3.tar.gz:
>> size mismatch: expected 14108201, actual 14108398
>
> Looks like the distfile got re-rolled under the same name.
> In which case it would be safe to just update the distinfo
> and go ahead with the build.
> I'm CC'ing the maintainer to update the port and
> double-check my (very quick) analysis of the security issues.
The pkgsrc guys make it a point to contact the party responsible for the
re-roll and polite ask to never, ever do that again because all the
repositories (ports, pkgsrc, apt, arch, rest of linux, etc) are
depending on a hash and rerolling breaks all of them.
Sometimes upstream just doesn't realize the consequences and they'll not
do it again once informed. Something they just don't care and it keeps
happening.
I am a bit surprised that a database developer that should understand
issues with data integrity pulls a stunt like that though.
John
More information about the freebsd-ports
mailing list