Corrupt upgrade file or bad hash?



  • I tried downloading the v2.3.2 full upgrade file (pfSense-CE-Full-Update-2.3.2-RELEASE-amd64.tgz) from four different mirrors and get a hash (SHA-256) of:

    3CC43FBF706E33B25750064C7D1FBBDC77D6675C355D877A4B959CD5D77D9B6E

    from all of them, but the pfSense web site lists the hash as:

    9886d4ce68bf756795085f375e81a51c067297f112502104d382fec0ca0769bc

    Has the file been corrupted on the mirrors, is the listed hash bad or did I screw something up?

    The hashes for the amd64 ISO and memstick check out just fine.



  • The update files' sha256 were originally on the updates prior to being signed. They've been updated to match, and I added a note to the release documentation to ensure the steps are always run in the described order so that doesn't happen in the future. Thanks for the report.



  • I'm seeing the same thing when trying to go from 2.2.4-RELEASE to 2.3.1.  2.3.1 is what the auto-updater selects even thought 2.3.2 is out there.

    In any case, updater is pulling from the following location:

    http://updates.pfsense.org/_updaters/amd64/latest.tgz

    Manually calculating sha256 on the file gives:

    3cc43fbf706e33b25750064c7d1fbbdc77d6675c355d877a4b959cd5d77d9b6e

    While the latest.tgz.sha256 gives:

    12e1e22262f9424324e86c208d7aa741c90d1c79f6120e1b365aa942faebc247

    I'm assuming it's safe to proceed with latest.tgz, but wanted to check considering the hashes are there for a reason.


Log in to reply