Gentoo Archives: gentoo-security

From: Russell Adams <RLAdams@××××××××××××××.com>
To: gentoo-security@g.o
Subject: Re: [gentoo-security] MD5 mismatch for XFree86 patch
Date: Fri, 05 Dec 2003 09:33:36
Message-Id: 20031205153332.GE31019@soja.ksnet.com.
In Reply to: Re: [gentoo-security] MD5 mismatch for XFree86 patch by Ryan Voots
This is the way HLUG and I caught the trojaned libpcap/tcpdump sources
on the home site a while back. (http://www.adamsinfoserv.com/trojan.html)

MD5's were good on the mirrors, but failed when downloading from the
home site.

To be thorough, check the validity of the files you download from
multiple sources. Switch mirrors and then force a download from the
home site for that package and watch your checksums.

Russell

On Fri, Dec 05, 2003 at 12:54:07AM -0600, Ryan Voots wrote:
> On Fri, 05 Dec 2003 12:31:42 +0600 > "Anuradha Ratnaweera" <ARatnaweera@×××××××.com> Add to Address Book > wrote: > > > On Fri, 2003-12-05 at 11:46, Ryan Voots wrote: > > > > > > > > I tried to emerge gaim, and there was a MD5 mismatch for XFree86 > > > > patches. Wondering if it has got to do with the compromise. > > > > > > while its possible, i dont know if the server also hosted things > regarding distributing files, AFAIK no rsync server does file hosting > also > > > > Was a bit paranoid, if the intruder may have changed both MD5 sum on > the > > rsync server (are they there, at first place?) _and_ the source > tarball > > on the other site, > > the MD5's are sent with the portage tree AFAIK, if you are concered > about that, make sure you do an emerge sync *the affected server is out > of rotation now i believe* > > > -----BEGIN GEEK CODE BLOCK---- > Version: 3.1 > GCS/CM/E/M/S/O d--(-) s:+>:- > a--->-->->>+>++>+++$ C+++>++++$ UL++++>++++$ > P+++>++++$ L++++>++++$ !E-? W++>++$>+++$ > N++>* !o? !K? w--->---$ O-- M-@ !V--? PS+++(++(+((-)))) > PE Y+(++)@ PGP+++(++) t+++>+++$ 5--(-)@ X++@>+++@ > R+(++)@ tv+++@>++@ b+>++ DI++++ D+++@ G+++>++++ > e>+$>++$>+++$>++++$>+++++$ h+>++ r*(--(++))@ !y+>-->->+++@ > -----END GEEK CODE BLOCK-----
-- gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] MD5 mismatch for XFree86 patch Ryan Voots <simcop2387@×××××.com>
Re: [gentoo-security] MD5 mismatch for XFree86 patch Philippe Coulonges <cphil@×××××.net>