Date: Mon, 15 May 2006 15:00:30 -0700 From: Jeremy Chadwick <freebsd@jdc.parodius.com> To: freebsd-ports@freebsd.org Subject: Re: FreeBSD Port: lang/php5 (distinfo missmatch) Message-ID: <20060515220030.GA18254@pentarou.parodius.com> In-Reply-To: <4468F29C.9070202@rogers.com> References: <4468F29C.9070202@rogers.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 15, 2006 at 05:29:00PM -0400, Mike Jakubik wrote: > The md5 checksum and the size of php-5.1.4.tar.bz2 seems to differ from > what the file actually is, and what is described on the php website. > > root@spamtoaster.home.local:/usr/ports/lang/php5# make fetch > ===> Vulnerability check disabled, database not found > => php-5.1.4.tar.bz2 doesn't seem to exist in /usr/ports/distfiles/. > => Attempting to fetch from http://br.php.net/distributions/. > fetch: http://br.php.net/distributions/php-5.1.4.tar.bz2: size mismatch: > expected 5992825, actual 6356171 > => Attempting to fetch from http://cn.php.net/distributions/. > fetch: http://cn.php.net/distributions/php-5.1.4.tar.bz2: size mismatch: > expected 5992825, actual 6356171 > > ... > > Website states: > > PHP 5.1.4 (tar.bz2) [6,207Kb] - 04 May 2006 > md5: 66a806161d4a2d3b5153ebe4cd0f2e1c Taken from the PHP home page, in bold: >> The tarballs were updated to include the PEAR's phar file, previously >> missing from the release. Is this the newest trend in the open-source world? Re-packaging pre-existing tarballs and modifying patches and other what-nots? This is really *really* bad form and behaviour. It completely defeats the purpose (re: security) of MD5 and SHA checksums. All this does is induce more Bugzilla bugs and support mails -- and ultimately waste everyone's time. I'd love to get my hands around the necks of some of these folks... if any of tehm read freebsd-ports: **PLEASE STOP DOING THIS**! -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060515220030.GA18254>