Hallo,

since yesterday, on /one/ of my two 'armhf' SBCs running Beowulf,
updating the available packages from the 'beowulf-security' repo at
'http://deb.devuan.org/merged/' fails with a hash sum mismatch:

    E: Failed to fetch
    http://deb.devuan.org/merged/dists/beowulf-security/main/binary-armhf/Packages.gz
    Hash Sum mismatch Hashes of expected file:
        - Filesize:313442 [weak]
        -
    SHA256:8bb364c5751d0f71cec2b6f62e460430dc10255dbdaa04824f8b4f4bfdb4056d
    Hashes of received file:
        -
    SHA256:e88fc4cfd052a1eab057ff1c61fbaa31e00d926bd513e9f629a9def18492bcc9
        - Filesize:313442 [weak]
       Last modification reported: Mon, 21 Dec 2020 03:21:07 +0000
       Release file created at: Mon, 21 Dec 2020 03:30:03 +0000

I tried to update using TLS, but then I get a cert error:

    Err:4 https://deb.devuan.org/merged beowulf-security
    Release Certificate verification failed: The certificate is NOT
    trusted. The name in the certificate does not match the expected.
    Could not handshake: Error in the certificate verification. [IP:
    195.85.215.180 443]

The served certificate had been issued for 'devuan.packet-gain.de':

    Serial Number
    03:BD:C3:B7:3A:5C:21:6F:C2:AE:E3:EE:7F:EB:25:C6:64:0B

    SHA-256
    24:8E:31:3C:3D:41:98:FC:CC:33:5A:D1:5A:70:4E:43:84:19:FF:9E:7E:B9:51:D6:49:A2:95:86:A4:9B:7B:AB

    SHA-1
    D9:91:FF:59:E0:0E:86:1C:81:57:C0:EF:C2:71:72:04:8C:33:D8:5E

The same happens with 'http://pkgmaster.devuan.org/merged' - as already
mentioned only with one device, the other one updates fine.

Is there any spare light to be shed on this issue?

Thanks and best regards,
Florian