trojan tcpdump?

Wolfgang S. Rupprecht wolfgang.rupprecht+gnus200703 at gmail.com
Fri Mar 16 00:53:54 UTC 2007 

An FC6 yum update I just did downloaded an unsigned tcpdump rpm.
Seeing how this program is meant to be run as root, it definitely made
me go hmmmm.  Whats up with this?  Trojan or just a signing slip up?

Yum update log appended.  The kicker is in the last logged line.

-wolfgang

    # yum update -y
    Loading "installonlyn" plugin
    Loading "fastestmirror" plugin
    Setting up Update Process
    Setting up repositories
    livna                     100% |=========================| 1.1 kB    00:00     
    core                      100% |=========================| 1.1 kB    00:00     
    updates                   100% |=========================| 1.2 kB    00:00     
    http://fedora.cs.wisc.edu/pub/mirrors/linux/download.fedora.redhat.com/pub/fedora/linux/extras/6/x86_64/repodata/repomd.xml: [Errno 14] HTTP Error 503: Date: Fri, 16 Mar 2007 00:37:09 GMT
    Server: Apache
    Last-Modified: Tue, 27 Feb 2007 21:02:38 GMT
    ETag: "49800094-c15-93ed7780"
    Accept-Ranges: bytes
    Content-Length: 3093
    Connection: close
    Content-Type: text/html; charset=ISO-8859-1

    Trying other mirror.
    extras                    100% |=========================| 1.1 kB    00:00     
    Loading mirror speeds from cached hostfile
    Reading repository metadata in from local files
    primary.xml.gz            100% |=========================| 522 kB    00:03     
    updates   : ################################################## 1567/1567
    Resolving Dependencies
    --> Populating transaction set with selected packages. Please wait.
    ---> Downloading header for ntp to pack into transaction set.
    ntp-4.2.4p0-1.fc6.x86_64. 100% |=========================|  33 kB    00:00     
    ---> Package ntp.x86_64 0:4.2.4p0-1.fc6 set to be updated
    ---> Downloading header for tcpdump to pack into transaction set.
    tcpdump-3.9.4-10.fc6.x86_ 100% |=========================|  15 kB    00:00     
    ---> Package tcpdump.x86_64 14:3.9.4-10.fc6 set to be updated
    ---> Downloading header for libpcap to pack into transaction set.
    libpcap-0.9.4-10.fc6.x86_ 100% |=========================|  15 kB    00:00     
    ---> Package libpcap.x86_64 14:0.9.4-10.fc6 set to be updated
    --> Running transaction check

    Dependencies Resolved

    =============================================================================
     Package                 Arch       Version          Repository        Size 
    =============================================================================
    Updating:
     libpcap                 x86_64     14:0.9.4-10.fc6  updates            96 k
     ntp                     x86_64     4.2.4p0-1.fc6    updates           1.4 M
     tcpdump                 x86_64     14:3.9.4-10.fc6  updates           449 k

    Transaction Summary
    =============================================================================
    Install      0 Package(s)         
    Update       3 Package(s)         
    Remove       0 Package(s)         

    Total download size: 2.0 M
    Downloading Packages:
    (1/3): ntp-4.2.4p0-1.fc6. 100% |=========================| 1.4 MB    00:05     
    (2/3): tcpdump-3.9.4-10.f 100% |=========================| 449 kB    00:01     
    (3/3): libpcap-0.9.4-10.f 100% |=========================|  96 kB    00:00     


    Package tcpdump-3.9.4-10.fc6.x86_64.rpm is not signed
    #

More information about the fedora-list mailing list