Bug#247397: kdelibs-bin: checksum differs from installed package

To: Chris Cheney <ccheney@cheney.cx>
Cc: ross@biostat.ucsf.edu, 247397@bugs.debian.org
Subject: Bug#247397: kdelibs-bin: checksum differs from installed package
From: Ross Boylan <ross@biostat.ucsf.edu>
Date: Tue, 04 May 2004 16:01:31 -0700
Message-id: <[🔎] 1083711691.7041.61.camel@iron.libaux.ucsf.edu>
Reply-to: Ross Boylan <ross@biostat.ucsf.edu>, 247397@bugs.debian.org
In-reply-to: <[🔎] 20040504220433.GI15365@cheney.cx>
References: <[🔎] E1BL7XK-00049i-Mx@iron.libaux.ucsf.edu> <[🔎] 20040504220433.GI15365@cheney.cx>

On Tue, 2004-05-04 at 15:04, Chris Cheney wrote:
> On Tue, May 04, 2004 at 02:33:10PM -0700, Ross Boylan wrote:
> > Package: kdelibs-bin
> > Version: 4:3.2.2-2
> > Severity: minor
> > 
> > tiger reports
> > --FAIL-- [lin005f] Installed file `/usr/bin/kfmexec' checksum differs 
> > from installed package ''.
> > 
> > I don't know why, and I doubt it's significant, but I thought I'd let 
> > you know.
> 
> If the md5sum really is different then it may mean your system is
> compromised, and it definitely is significant. I have not used tiger
> before but you can check if they are the same by using md5sum as below:
> 
> lrwxrwxrwx    1 root     root            7 2004-04-21 18:51 /usr/bin/kfmexec -> kioexec
> 
> md5sum /usr/bin/kioexec
> 77e8c8f8f68d07469f9835259d1f3682  /usr/bin/kioexec
> 
> grep kioexec /var/lib/dpkg/info/kdelibs-bin.md5sums
> 77e8c8f8f68d07469f9835259d1f3682  usr/bin/kioexec
> 
> Please follow up with what you find out...
> 
> Thanks,
> Chris
iron:~# md5sum /usr/bin/kioexec
77e8c8f8f68d07469f9835259d1f3682  /usr/bin/kioexec
iron:~# grep kioexec /var/lib/dpkg/info/kdelibs-bin.md5sums
77e8c8f8f68d07469f9835259d1f3682  usr/bin/kioexec
By eye, identical with each other and with your results.
By diff, identical with each other.

Pretty weird.

I wonder if the tiger run could have caught things  in
mid-installation?  That seems unlikely given when I think it runs. On
Apr 27 around noon I upgraded to kdelibs-bin 3.2.2-2.
I got the warning from tiger on Apr 28 around 1am.  The warning itself
doesn't have a specific time on it, but inspecting my tiger cronrc makes
me pretty confident the job started at 1am.

I reran deb_checkmd5sums independently to see if it still reports
anything for this file, and it doesn't.  I also note the line preceding
the report says
# Verifying system specific password checks...
when it should say
# Checking md5sums of installed files

All in all, it's probably OK to close this.  I'll watch to see if it
recurs, and consider that it might be a tiger bug.

I appreciate your quick response and alerting me that this might be a
sign I'd been cracked.
-- 
Ross Boylan                                      wk:  (415) 502-4031
530 Parnassus Avenue (Library) rm 115-4          ross@biostat.ucsf.edu
Dept of Epidemiology and Biostatistics           fax: (415) 476-9856
University of California, San Francisco
San Francisco, CA 94143-0840                     hm:  (415) 550-1062

Reply to:

References:
- Bug#247397: kdelibs-bin: checksum differs from installed package
  - From: Ross Boylan <ross@biostat.ucsf.edu>
- Bug#247397: kdelibs-bin: checksum differs from installed package
  - From: Chris Cheney <ccheney@cheney.cx>

Prev by Date: Bug#247365: KDM should use /etc/dm/Sessions as a source for its .desktop files or ship a xfce4.desktop
Next by Date: Bug#227538: kdelibs: mixed results on 3.2.2
Previous by thread: Bug#247397: kdelibs-bin: checksum differs from installed package
Next by thread: Bug#246292: marked as done (kdelibs-bin: no menu-methods file anymore)
Index(es):
- Date
- Thread