| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <17827.161.85.127.139.1129905097.squirrel@161.85.127.139> Date: Sat Oct 22 17:26:05 2005 From: vankoten at xs4all.nl (Rein van Koten) Subject: Different signatures on mirror sites for ethereal 0.10.13 Interesting? While updating systems with ethereal 0.10.13 I downloaded from different sites... While checking MD5sums discovered that at least there is a difference between the SIGNATURES-0.10.13.txt files on the main ethereal site and tuwien. Difference is only for the tar.bz2 source file... Main site: MD5(ethereal-0.10.13.tar.bz2)=08d277951ff6f6a93c752abebd85d5bc SHA1(ethereal-0.10.13.tar.bz2)=4ed2014a1ede6bdb05fbe99b0469a030c7794a13 RIPEMD160(ethereal-0.10.13.tar.bz2)=54f6431ac2d807e0d7dd896af71463d340c66107 TUWIEN: MD5(ethereal-0.10.13.tar.bz2)=9998cb4907a70925d33292bae89530d4 SHA1(ethereal-0.10.13.tar.bz2)=d83a326bb3b274c63e96c783c8b65a0ca848d721 RIPEMD160(ethereal-0.10.13.tar.bz2)=7d209f6c0a932f844ac1ab5fe9cfdef4145ee423 All other filesums match. Now downloading all files and looking at the sources. Maybe it is my mistake, maybe something weird is going on. In case of the latter decided to bare the blame if it is my mistake. Do not like the idea of tampered ethereal sources.... Regards, Rein
Powered by blists - more mailing lists