[users] ClamAV tampered or corrupt

RPMForge Users-list Readers role.rpmforge at axoria.net
Mon Jan 7 08:31:01 CET 2008


Hi guys...

The following has been happening to me ever since the new clam engine
became available -- it's not just a one-off today.

I dare not install _anything_ while packages are publicly available with
digests and signatures broken... it leaves me a little anxious about
integrity in general.

Has anyone else seen this? Can anyone shed some light? Thanks!


        Downloading headers to solve dependencies...
        #######################################
        Downloading headers to solve dependencies...
        ########################################
        error: rpmts_HdrFromFdno: MD5 digest: BAD
            Expected(4cfea80bf8596cf525cf5fbf404fde52) !=
            (25ce19cdde624bd7ac81bc54f85bbd70)
        clamav-0.92-1.el4.rf.i386.r error: rpmts_HdrFromFdno: V3 DSA
            signature: BAD, key ID 6b8d79e6
        The package clamav-0.92-1.el4.rf does not have a valid GPG
            signature.
        It has been tampered with or corrupted.  Aborting...
        
        ************ GPG VERIFICATION ERROR ****************
        The package clamav-0.92-1.el4.rf failed its gpg signature
            verification. This means the package is corrupt.
        ****************************************************

(Just an excerpt from running up2date -u --download as usual.)


-- 
Best regards,
James.
________________________________________________________________________
Axoria Ltd UK: Internet Security, Interactive Websites, Bespoke Software
http://axoria.net/                                                  E&OE




More information about the users mailing list