Bug 596220 - dev-libs/boost-1.62.0 - wrong distfile in use
Summary: dev-libs/boost-1.62.0 - wrong distfile in use
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: Normal normal
Assignee: C++ Team [disbanded]
Reported: 2016-10-05 09:54 UTC by Philipp
Modified: 2016-10-06 09:22 UTC
Description Philipp 2016-10-05 09:54:18 UTC
The boost_1_62_0.tar.bz2 that is being used on the mirrors right now is not the one released as 1.62 by boost.org. Take a look at the SHA256 hash it's supposed to have at http://www.boost.org/users/history/version_1_62_0.html, which says

36c96b0f6155c98404091d8ceb48319a28279ca0333fba1ad8611eb90afb2ca0

instead of

3b9df59619e07cf53e041c27efff7d9aeab7628e5d6867f4754eefb2b7b99dbb

which is currently recorded in the Manifest.

A little bit of background on how this happened: When boost-1.62 first came out, I experimented with a version bump myself, and noticed that the download links we have been using for SourceForge redirected to some boost-1.62 snapshot file:

Trying to fetch 'http://download.sourceforge.net/boost/boost_1_62_0.tar.bz2' to 'boost_1_62_0.tar.bz2'...
 * Not attempting resume using /var/paludis/distfiles/boost_1_62_0.tar.bz2.-PARTIAL- (too small)
rm -f /var/paludis/distfiles/boost_1_62_0.tar.bz2.-PARTIAL-
wget -T 30 -t 1 --continue -O /var/paludis/distfiles/boost_1_62_0.tar.bz2.-PARTIAL- http://download.sourceforge.net/boost/boost_1_62_0.tar.bz2
--2016-09-30 16:32:00--  http://download.sourceforge.net/boost/boost_1_62_0.tar.bz2
Resolving download.sourceforge.net... 216.34.181.59
Connecting to download.sourceforge.net|216.34.181.59|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://downloads.sourceforge.net/project/boost/boost/snapshots/master/boost_1_62_0.tar.bz2 [following]
--2016-09-30 16:32:01--  http://downloads.sourceforge.net/project/boost/boost/snapshots/master/boost_1_62_0.tar.bz2
Resolving downloads.sourceforge.net... 216.34.181.59
Connecting to downloads.sourceforge.net|216.34.181.59|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: http://netcologne.dl.sourceforge.net/project/boost/boost/snapshots/master/boost_1_62_0.tar.bz2 [following]
--2016-09-30 16:32:01--  http://netcologne.dl.sourceforge.net/project/boost/boost/snapshots/master/boost_1_62_0.tar.bz2
Resolving netcologne.dl.sourceforge.net... 78.35.24.46
Connecting to netcologne.dl.sourceforge.net|78.35.24.46|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 84529021 (81M) [application/octet-stream]
Saving to: '/var/paludis/distfiles/boost_1_62_0.tar.bz2.-PARTIAL-'

This snapshot file also changed once in a while (probably on a daily basis?).

The issue currently goes unnoticed because the Gentoo mirrors are usually used first. If you add RESTRICT=mirror, you will probably get a different file.

For a quick and dirty fix, use

http://downloads.sourceforge.net/project/boost/boost/${PV}/${MY_P}.tar.bz2

as the download link, which gives the correct file.
Comment 1 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2016-10-06 08:39:52 UTC
Also, it would be nice if developers actually checked against upstream checksums [1] rather than accepting completely non-matching checksums in Manifest...

[1]: http://www.boost.org/users/history/version_1_62_0.html
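
The check requested in the comment above, as an added example that is not part of the original bug thread or of Gentoo's tooling: it parses Manifest DIST lines and compares the recorded SHA256 with the one upstream publishes. The function names are hypothetical, and the sample Manifest line is constructed from the two hashes quoted in this report with a placeholder size.

```python
import hashlib

# SHA256 that the report quotes from the boost.org 1.62.0 release page.
UPSTREAM_SHA256 = {
    "boost_1_62_0.tar.bz2":
        "36c96b0f6155c98404091d8ceb48319a28279ca0333fba1ad8611eb90afb2ca0",
}

# Constructed Manifest entry: the hash is the one the report says was
# recorded in the Manifest; the size (12345) is a placeholder.
SAMPLE_MANIFEST = (
    "DIST boost_1_62_0.tar.bz2 12345 SHA256 "
    "3b9df59619e07cf53e041c27efff7d9aeab7628e5d6867f4754eefb2b7b99dbb\n"
)


def parse_manifest(text):
    """Return {filename: {"size": int, "<HASHNAME>": hex, ...}} for DIST lines."""
    entries = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "DIST":
            continue  # skip non-DIST or truncated lines
        rest = fields[3:]  # alternating hash name / hex digest pairs
        hashes = {rest[i].upper(): rest[i + 1].lower()
                  for i in range(0, len(rest) - 1, 2)}
        entries[fields[1]] = {"size": int(fields[2]), **hashes}
    return entries


def audit(manifest_text, upstream):
    """Map each upstream file to 'match', 'MISMATCH' or 'missing'."""
    entries = parse_manifest(manifest_text)
    result = {}
    for name, expected in upstream.items():
        recorded = entries.get(name, {}).get("SHA256")
        if recorded is None:
            result[name] = "missing"
        else:
            result[name] = "match" if recorded == expected.lower() else "MISMATCH"
    return result


def sha256_file(path, chunk=1 << 20):
    """Hash a fetched distfile in chunks so large tarballs stay out of memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()
```

Running `audit(SAMPLE_MANIFEST, UPSTREAM_SHA256)` reports the mismatch described in this bug; `sha256_file` can be pointed at the fetched tarball to see which of the two hashes it actually carries.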
Comment 2 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2016-10-06 08:56:57 UTC
commit 63f579c06c07dc253e8601cda5cc929320a53997
Author:     Michał Górny <mgorny@gentoo.org>
AuthorDate: Thu Oct 6 10:55:26 2016
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: Thu Oct 6 10:55:49 2016

    dev-libs/boost: Use correct upstream distfile, #596220

 dev-libs/boost/Manifest                                        | 2 +-
 dev-libs/boost/{boost-1.62.0.ebuild => boost-1.62.0-r1.ebuild} | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)


Bad news: the source is different, so everyone will need to rebuild it.
Comment 3 Philipp 2016-10-06 09:03:49 UTC
Sorry, I forgot to mention that the same problem exists in boost-build, where SRC_URI should be

http://downloads.sourceforge.net/project/boost/boost/${PV}/boost_${MY_PV}.tar.bz2

Anyway, thank you for the quick fix.

Also, for some reason I can only change the status to UNCONFIRMED.
Comment 4 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2016-10-06 09:22:44 UTC
commit 3dfbe97ade5780da0ca05a7ceaff14e243b745bf
Author:     Michał Górny <mgorny@gentoo.org>
AuthorDate: Thu Oct 6 11:20:51 2016
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: Thu Oct 6 11:22:09 2016

    dev-util/boost-build: Use correct upstream distfile, #596220