Re: [Full-disclosure] Different signatures on mirror sites for ethereal 0.10.13
prozente_at_gmail.com
Date: 10/23/05
- Previous message: Thierry Zoller: "Re: [Full-disclosure] vhost enumeration"
- In reply to: Rein van Koten: "[Full-disclosure] Different signatures on mirror sites for ethereal 0.10.13"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 22 Oct 2005 17:51:23 -0500 To: Rein van Koten <vankoten@xs4all.nl>
\/ see below - the mirrors must still be updating...
---------- Forwarded message ----------
From: Gerald Combs <gerald@ethereal.com>
Date: Oct 20, 2005 5:31 PM
Subject: [Ethereal-announce] Updated Ethereal 0.10.13 source
distribution available
To: ethereal-announce@ethereal.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The ethereal-0.10.13.tar.bz2 source distribution released yesterday was
inadvertently compressed using gzip instead of bzip2. A correct
distribution has been placed on the web site with the following hashes:
MD5(ethereal-0.10.13.tar.bz2)=9998cb4907a70925d33292bae89530d4
SHA1(ethereal-0.10.13.tar.bz2)=d83a326bb3b274c63e96c783c8b65a0ca848d721
RIPEMD160(ethereal-0.10.13.tar.bz2)=7d209f6c0a932f844ac1ab5fe9cfdef4145ee423
None of the other files released yesterday have changed.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDWBq6kXaEuZt2wEERAj9SAKCU+v3uGpDlpVQuQ2E1z32Swkst9QCg9FJG
bn18+2YzyTeRMcOE0j5dTNw=
=DWtO
-----END PGP SIGNATURE-----
_______________________________________________
Ethereal-announce mailing list
Ethereal-announce@ethereal.com
http://www.ethereal.com/mailman/listinfo/ethereal-announce
On 10/21/05, Rein van Koten <vankoten@xs4all.nl> wrote:
> Interesting?
>
> While updating systems with ethereal 0.10.13 I downloaded from different
> sites... While checking MD5sums discovered that at least there is a
> difference between the SIGNATURES-0.10.13.txt files on the main ethereal
> site and tuwien.
>
> Difference is only for the tar.bz2 source file...
>
> Main site:
> MD5(ethereal-0.10.13.tar.bz2)=08d277951ff6f6a93c752abebd85d5bc
> SHA1(ethereal-0.10.13.tar.bz2)=4ed2014a1ede6bdb05fbe99b0469a030c7794a13
> RIPEMD160(ethereal-0.10.13.tar.bz2)=54f6431ac2d807e0d7dd896af71463d340c66107
>
> TUWIEN:
> MD5(ethereal-0.10.13.tar.bz2)=9998cb4907a70925d33292bae89530d4
> SHA1(ethereal-0.10.13.tar.bz2)=d83a326bb3b274c63e96c783c8b65a0ca848d721
> RIPEMD160(ethereal-0.10.13.tar.bz2)=7d209f6c0a932f844ac1ab5fe9cfdef4145ee423
>
> All other filesums match.
>
> Now downloading all files and looking at the sources.
>
> Maybe it is my mistake, maybe something weird is going on. In case of the
> latter decided to bare the blame if it is my mistake. Do not like the idea
> of tampered ethereal sources....
>
> Regards,
>
> Rein
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Previous message: Thierry Zoller: "Re: [Full-disclosure] vhost enumeration"
- In reply to: Rein van Koten: "[Full-disclosure] Different signatures on mirror sites for ethereal 0.10.13"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
