[gmx-users] Gromacs 2018.8 checksum

[András Ferenc WACHA]

Dear Gromacs Developers,

I'm trying to install the 2018.8 version of GROMACS through the Spack
package manager (https://spack.io). They have packaged GROMACS, but I
have noticed a SHA256 checksum mismatch. They have
'3776923415df4bc78869d7f387c834141fdcda930b2e75be979dc59ecfa6ebec' on
file, while the file I have downloaded from your site directly (and
verified by the md5sum available there) has
'776923415df4bc78869d7f387c834141fdcda930b2e75be979dc59ecfa6ebecf'.
Although I strongly doubt that any attacker could come up with a
counterfeit package having a checksum so very close to the original one,
and suspect that this is simply a typo from the Spack package
maintainers, I would like to ask your opinion about this, just to be on
the safe side (avoiding accidental malware infections like what happened
previously https://github.com/Homebrew/homebrew-cask/issues/33536).

Thank you and kind regards,

Andras

-- 
András Ferenc Wacha, PhD
research fellow, CREDO instrument responsible

Biological Nanochemistry Research Group (310)

Institute of Materials and Environmental Chemistry
Research Centre for Natural Sciences (RCNS)
Magyar tudósok körútja 2.
H-1117 Budapest, Hungary
Phone: +36-1-382-6427
Web: http://bionano.ttk.hu
CREDO SAXS instrument: http://credo.ttk.hu


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://maillist.sys.kth.se/pipermail/gromacs.org_gmx-users/attachments/20191210/66264e88/attachment.sig>