pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pkg/40510: download-vulnerabilitiy-list fails to verify the list.

>Number:         40510
>Category:       pkg
>Synopsis:       download-vulnerability-list cannot verify the list
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jan 29 10:35:00 +0000 2009
>Originator:     Robert W.
>Release:        NetBSD 4.0.1
System: NetBSD robert-pickton 4.0.1 NetBSD 4.0.1 (ROBERT_PICKTON_4-1) #1: Wed 
Oct 15 12:07:45 CEST 2008 
Architecture: i386
Machine: i386
        At least since 2009/01/28, download-vulnerabilities-list fails to verify
        the list after down load
        ------ Output from /usr/pkg/sbin/download-vulnerability-list ---------
        local: pkg-vulnerabilities.3889.gz remote: pkg-vulnerabilities.gz
        229 Entering Extended Passive Mode (|||51421|)
        150 Opening BINARY mode data connection for 'pkg-vulnerabilities.gz' 
(51725 bytes).
 51725      50.19 KB/s    00:00 ETA
        226 Transfer complete.
        51725 bytes received in 00:01 (49.69 KB/s)
                Data traffic for this session was 51725 bytes in 1 file.
                Total traffic for this session was 56075 bytes in 1 transfer.
        221 Thank you for using the FTP service on
        ***ERROR*** Failed to verify the newly downloaded vulnerabilities file
    ----- End Output -------------

        Downloading the file manually and verifying it using gpg yields to the
        ----- Output from gpg ---------------
        bash-3.2# gpg --verify pkg-vulnerabilities.gz
        gpg: no valid OpenPGP data found.
        gpg: the signature could not be verified.
        Please remember that the signature file (.sig or .asc)
        should be the first file given on the command line.
        ----- End Output

        1) open a shell
        2) execute as root /usr/pkg/sbin/download-vulnerability-list
none known


Home | Main Index | Thread Index | Old Index