libstdc++3-devel-3.0.4-1.i386.rpm in 7.2 updates doesn't verify

Todd Freedom_Lover at pobox.com
Mon Jan 26 17:50:37 UTC 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I was setting up a 7.2 playground in VMware so I could try to QA and
verify packages for both 7.2 and 7.3 (and 8.0 once yum gets rebuilt
for it, but that's another thread to start).  While running yum update
after the install, I found a problem with one of the files in the
download.fedoralegacy.org archive.

# yum update
[...]
Getting libstdc++3-devel-3.0.4-1.i386.rpm
Error: MD5 Signature check failed for /var/cache/yum/updates/packages/libstdc++3-devel-3.0.4-1.i386.rpm
You may want to run yum clean or remove the file:
 /var/cache/yum/updates/packages/libstdc++3-devel-3.0.4-1.i386.rpm
Exiting.

Downloading the file manually I still can't get it to verify:

# rpm -Kv libstdc++3-devel-3.0.4-1.i386.rpm 
libstdc++3-devel-3.0.4-1.i386.rpm:
MD5 sum mismatch
Expected: 11dd881955f196fc7159415f49399a31
Saw     : b136a51a08ac3d96ddf145bd14b9086e
gpg: Signature made Sun 10 Mar 2002 10:37:55 PM EST using DSA key ID DB42A60E
gpg: BAD signature from "Red Hat, Inc <security at redhat.com>"

I pulled down the all the binary updates for 7.2 and verified them.
The only one that has a problem is libstdc++3-devel-3.0.4-1.i386.rpm.
Can anyone confirm this?

If it is corrupted, it'd be good to get the right file in place before
mirrors start syncing against the download server.  It might even be
good to check out the bad package more closely to see if it was an
intentional corruption.

At least one other mirror has the corrupt rpm (speakeasy.rpmfind.net).
I imagine there are others.  I got a good version from:

    ftp://rpmfind.net/linux/redhat/updates/7.2/en/os/i386

- -- 
Todd        OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
======================================================================
It is hard to fight an enemy who has outposts in your head.
    -- Sally Kempton

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.

iD8DBQFAFVNtuv+09NZUB1oRAnijAKCiIu8EeOxizKthm6veMxrrdjFpTQCgmc5w
MyP57lQRhw185kWFr3m4YJs=
=85Nt
-----END PGP SIGNATURE-----

More information about the fedora-legacy-list mailing list