You'd have to take it up with sourceforge. Basically this is nothing new for them. There have also been several instances over the last few years where malicious code was injected into Sourceforge downloads, so i'd double check the file downloaded if the hash values aren't matching. For a few years now i've avoided downloading from Sourceforge when possible due to these events. I think the last time i heard of it was mid 2016, i don't remember if anything's happened more recently.
On Fri, Aug 3, 2018 at 5:46 PM Jude DaShiell <jdash...@panix.com> wrote: > I have a published sha1sum value for an iso yet sourceforge.net continues > downloading that iso with a different value. I am using a download script > and a test script each time and as far as I have been able to find out > this is the only location for the iso. > I have rebooted the router on this end but the internet provider is > comcast.net which may introduce its own problems into the mix. > > > > -- > >
