NetBSD Problem Report #55277

From  Tue May 19 04:23:28 2020
Return-Path: <>
Received: from ( [])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "", Issuer " CA" (not verified))
	by (Postfix) with ESMTPS id D07F91A9217
	for <>; Tue, 19 May 2020 04:23:27 +0000 (UTC)
Message-Id: <>
Date: Tue, 19 May 2020 04:23:26 +0000 (UTC)
Subject: textproc/icu The International Components for Unicode
X-Send-Pr-Version: www-1.0

>Number:         55277
>Category:       pkg
>Synopsis:       textproc/icu The International Components for Unicode
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue May 19 04:25:00 +0000 2020
>Originator:     Joćo Paulo Vinha Bittar
>Release:        pkgsrc 2020Q1
home user
NetBSD 9.0 (GENERIC) #0: Fri Feb 14 00:06:28 UTC 2020 amd64
Pkgsrc 2020Q1 introduced this problem which did not exist on pkgsrc 2019Q4:

Checksum SHA1 mismatch for icu4c-64_2-src.tgz.
Just build any package that depends on textproc/icu or build textproc/icu directly: "[b]make -C /usr/pkgsrc/textproc".  Then when fetching icu4c-64_2-src.tgz it will show these error messages:

checksum: Checksum SHA1 mismatch for icu4c-64_2-src.tgz
ERROR: Make sure the Makefile and checksum file (/usr/pkgsrc/textproc/icu/distinfo)
ERROR: are up to date.  If you want to override this check, type
ERROR: "/home/user/pkg/bin/bmake NO_CHECKSUM=yes [other args]".
One workaround is building with "NO_CHECKSUM=yes" as an argument, but it will make the system vulnerable to a man-in-the-middle attack while building the package.

The correct way to fix it is editing textproc/icu/distinfo on the pkgsrc tree to have the correct hashes for icu4c-64_2-src.tgz, as this file will be protected by the checksum files at*.SHA1.

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD:,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.