Jessie Lite Release Date & SHA-1 Don't Match

DaHai8 · Mon Feb 29, 2016 3:26 pm

The Release Date and SHA-1 for Jessie Lite on the Download Page:
2016-02-29
0d58e68d62cb3e55bdc73860a6be2281783b8c0f

Downloaded File name says: 2016-02-26-raspbian-jessie-lite.img
SHA-1 = 0D2799CEB0C263ABE59D6DD64B50ADEAA92BBB55

rpdom · Mon Feb 29, 2016 6:23 pm

The SHA-1 is for the zipped file, not the .img file it contains.

DougieLawson · Tue Mar 01, 2016 12:50 am

I've got Jessie, Jessie Lite and NOOBS (downloaded from the torrents)

Code: Select all

4a841dffd02197548bf2329b90a0a44eeeebb4ab  2016-02-26-raspbian-jessie.zip
0d58e68d62cb3e55bdc73860a6be2281783b8c0f  2016-02-26-raspbian-jessie-lite.zip
feb5ad2e16ffe8f7937a961830e746b14e29a4a2  NOOBS_v1_8_0.zip

bljardkungen · Tue Mar 01, 2016 1:01 am

I don't got a answer but I came here because I noticed the same thing.
My best guess so far is that they made the final packing 2016/02/26 and released the software on the site today 2016/02/29 the same day the pi was available in the store?

Do any know the answer?

stderr · Tue Mar 01, 2016 1:10 am

bljardkungen wrote:I don't got a answer but I came here because I noticed the same thing.

I think given what recently happened with the Mint distribution, http://blog.linuxmint.com/?p=2994 , it makes a lot of sense to watch out with these redirectors to mirrors because sometimes they are compromised.

DougieLawson · Tue Mar 01, 2016 1:39 am

bljardkungen wrote: My best guess so far is that they made the final packing 2016/02/26 and released the software on the site today 2016/02/29 the same day the pi was available in the store?

It looks like it was ready three days before it was published and someone forgot to change the filename.

Tue Mar 01, 2016 2:31 am

The file name corresponds to when it was created, not when it was uploaded. Generally, the 'release' date written on the download page is actually the date that the image was created and is almost always a few days behind. I've edited the download page with the 'correct' release date. Thanks.

DaHai8 · Tue Mar 01, 2016 10:28 am

Thanks!
Always want to make sure I'm getting the latest build!

P.S. Might want to mention on the Download page that the SHA-1 is for the ZIP and not the IMG file.
Personally, I'd prefer the SHA-1 for the IMG file - but that's just me.

chrisoh · Tue Mar 01, 2016 10:38 am

DaHai8 wrote:Thanks!
Always want to make sure I'm getting the latest build!
P.S. Might want to mention on the Download page that the SHA-1 is for the ZIP and not the IMG file.
Personally, I'd prefer the SHA-1 for the IMG file - but that's just me.

So you would unzip an unverifiable file to get to a possibly unverified file? Defeats the security of the SHA-1 me thinks

Jessie Lite Release Date & SHA-1 Don't Match

Jessie Lite Release Date & SHA-1 Don't Match

Re: Jessie Lite Release Date & SHA-1 Don't Match

Re: Jessie Lite Release Date & SHA-1 Don't Match

Re: Jessie Lite Release Date & SHA-1 Don't Match

Re: Jessie Lite Release Date & SHA-1 Don't Match

Re: Jessie Lite Release Date & SHA-1 Don't Match

Re: Jessie Lite Release Date & SHA-1 Don't Match

Re: Jessie Lite Release Date & SHA-1 Don't Match

Re: Jessie Lite Release Date & SHA-1 Don't Match