Version: 1.0 Hi, On Tue, Apr 01, 2014 at 04:25:47PM +0200, Harald Dunkel wrote: > I have 2 hosts downloading sid from http://ftp.debian.org. > One host ("elmer") claims on "apt-get update" > > W: Failed to fetch xz:/var/lib/apt/lists/partial/ftp.debian.org_debian_dists_sid_main_source_Sources Hash Sum mismatch > W: Failed to fetch xz:/var/lib/apt/lists/partial/ftp.debian.org_debian_dists_sid_main_binary-amd64_Packages Hash Sum mismatch > E: Some index files failed to download. They have been ignored, or old ones used instead. Thanks for the report! Unfortunately it's a (hidden) duplicate and fixed in a recent upload, so I have to close it again… but let me explain a bit before that: As noted in #624122 – our catch-all hashsum mismatch bugreport(s) – I botched uncompressing of lzma/xz in 0.9.16 while introducing (un)compression via liblzma instead of an optional external binary. The problem is that it can happen that the code reads 4096 compressed bytes, which do not produce any uncompressed output. The code then came to the conclusion that it is done uncompressing the file… which happens to be wrong in this case resulting in a too short file and therefore in a hashsum mismatch as a too short file of course doesn't match. This happens "rarely", so by any chance the next dinstall run will generate a new file which doesn't expose this behavior – just like our testcases do not expose this at all. A fix is known for a while, but was stuck in git as nobody with upload rights and sufficient time was around to upload it. (We can argue now if that was so to punish me or just by chance – I opt for the former, which is what I deserved I guess) On the upside, this has changed today, so that this fix is finally included – and even in a very important release for us. ;) In the meantime, the last workaround mentioned in #624122 is actually the only one working in case the problem is this one. It doesn't help for all the cases which usually end up in #624122. Just like the config options mentioned before that about another issue ending up with that error message as #624122 has no workaround if you get it for "hashsum mismatch" rather than a "code practice vs. theory mismatch" (and I can only break so many apt versions). Best regards David Kalnischkies
Attachment:
signature.asc
Description: Digital signature