[SERVER-77383] ".msi.sha256" files have incorrect shasum Created: 22/May/23 Updated: 29/Oct/23 Resolved: 01/Jun/23 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | 6.0.6, 4.4.22, 5.0.18 |
| Fix Version/s: | 7.1.0-rc0, 6.3.2, 6.0.7, 5.0.19, 4.4.23 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Joseph Ferguson | Assignee: | Tural Farhadov |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||
| Assigned Teams: |
Server Security
|
||||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||||
| Operating System: | ALL | ||||||||||||||||||
| Backport Requested: |
v7.0, v6.3, v6.0, v5.0, v4.4, v4.2
|
||||||||||||||||||
| Steps To Reproduce: | Download any .msi and its .msi.sha256 from one of the affected versions. Compare the contents of the .sha256 file with the output of sha256sum (or Get-FileHash -Algorithm sha256 on Windows).
|
||||||||||||||||||
| Participants: | |||||||||||||||||||
| Story Points: | 4 | ||||||||||||||||||
| Description |
|
Following the docs to verify the Windows msi installer and the sha256 files are all incorrect. This now happens on all released versions (4.4.22, 5.0.18, 6.0.6); previous versions worked correctly (except for the RCs of these releases). Downloaded files all match the etag (md5sum) provided in http headers. All the msi urls are extracted from https://downloads.mongodb.org/current.json Thank you and hopefully this is filled in the right project. |
| Comments |
| Comment by Githook User [ 24/May/23 ] |
|
Author: {'name': 'Tural Farhadov', 'email': 'tural.ferhadov@gmail.com', 'username': 'turalf'}Message: (cherry picked from commit 97683bf244362678d65db79b418d7f6cb5032d66) |
| Comment by Githook User [ 24/May/23 ] |
|
Author: {'name': 'Tural Farhadov', 'email': 'tural.ferhadov@gmail.com', 'username': 'turalf'}Message: (cherry picked from commit 97683bf244362678d65db79b418d7f6cb5032d66) |
| Comment by Githook User [ 24/May/23 ] |
|
Author: {'name': 'Tural Farhadov', 'email': 'tural.ferhadov@gmail.com', 'username': 'turalf'}Message: (cherry picked from commit 97683bf244362678d65db79b418d7f6cb5032d66) |
| Comment by Githook User [ 24/May/23 ] |
|
Author: {'name': 'Tural Farhadov', 'email': 'tural.ferhadov@gmail.com', 'username': 'turalf'}Message: (cherry picked from commit 97683bf244362678d65db79b418d7f6cb5032d66) |
| Comment by Githook User [ 23/May/23 ] |
|
Author: {'name': 'Tural Farhadov', 'email': 'tural.ferhadov@gmail.com', 'username': 'turalf'}Message: (cherry picked from commit 97683bf244362678d65db79b418d7f6cb5032d66) |
| Comment by Tural Farhadov [ 23/May/23 ] |
|
We had a bug we missed in the checksum generation. It should all be fixed now. Thanks for reporting this! |
| Comment by Githook User [ 23/May/23 ] |
|
Author: {'name': 'Tural Farhadov', 'email': 'tural.ferhadov@gmail.com', 'username': 'turalf'}Message: |
| Comment by Chris Kelly [ 23/May/23 ] |
|
Thanks for the report joseph.ferguson@docker.com! I'm passing this along to the relevant team to take a look. |