Greetings, In the last few days I've been encountering lots of "Digest verification failed" messages indicating SHA256 verification problems (see below).
Searching the web, I've found the "generate your own" digest solution, i.e. "ebuild ...package...ebuild digest". Since the checksums are present to ensure integrity, this seems like a bad idea. Is it a bad idea to generate my own digest values? If so, what are the alternatives? Thanks. David ... emerge gettext Calculating dependencies ... done! >>> Emerging (1 of 1) sys-devel/gettext-0.15 to / >>> Downloading >>> 'http://distfiles.gentoo.org/distfiles/gettext-0.15.tar.gz' --20:18:41-- http://distfiles.gentoo.org/distfiles/gettext-0.15.tar.gz => `/usr/portage/distfiles/gettext-0.15.tar.gz' Resolving distfiles.gentoo.org... 216.165.129.135, 156.56.247.195, 64.50.238.52, ... Connecting to distfiles.gentoo.org|216.165.129.135|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 8,081,941 (7.7M) [application/x-gzip] 100%[====================================>] 8,081,941 142.51K/s ETA 00:00 20:19:36 (144.45 KB/s) - `/usr/portage/distfiles/gettext-0.15.tar.gz' saved [8081941/8081941] * checking ebuild checksums ;-) ... [ ok ] * checking auxfile checksums ;-) ... [ !! ] !!! Digest verification failed: !!! /usr/portage/sys-devel/gettext/files/gettext-0.12.1-without_java.patch !!! Reason: Failed on SHA256 verification !!! Got: 6dfefe191bc9435a957f7f6ff0658a771cf6ccffbaf169cae79ce7017a0421ee !!! Expected: c5a6a223c8be6ba11f1c180c7f381914abe127c0dffb0ec91d2e0a8e06892c92 -- gentoo-user@gentoo.org mailing list
