Suhosin
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: Suhosin
Got it, thanks for the heads up. This is going out to the mirrors right now
Re: Suhosin
We're seeing an error:
error: rpmts_HdrFromFdno: Header V4 RSA/SHA1 signature BAD, key ID 4520afa9
Problem opening package php-suhosin-0.9.38-6.el5.art.x86_64.rpm
on our CentOS 5.x boxes.
Is header v4 versus v3 compatible with CentOS 5.x?
On our CentOS 6.x boxes, the update installs but the suhosin version is still showing 0.9.36 on the commandline and in phpinfo.
error: rpmts_HdrFromFdno: Header V4 RSA/SHA1 signature BAD, key ID 4520afa9
Problem opening package php-suhosin-0.9.38-6.el5.art.x86_64.rpm
on our CentOS 5.x boxes.
Is header v4 versus v3 compatible with CentOS 5.x?
On our CentOS 6.x boxes, the update installs but the suhosin version is still showing 0.9.36 on the commandline and in phpinfo.
Re: Suhosin
Any update on the signatures?
Seeing the same error on the mysqltuner package now in the asl repo.
The update to the CentOS 6.x package shows the correct version now so the CentOS 5.x signatures appear to be the only remaining issue.
Thanks.
Seeing the same error on the mysqltuner package now in the asl repo.
The update to the CentOS 6.x package shows the correct version now so the CentOS 5.x signatures appear to be the only remaining issue.
Thanks.
Re: Suhosin
Any update?
Can you please resign the php-suhosin (and the recent mysqltuner package) with V3 sigs for the CentOS 5.x packages?
Thanks!
Can you please resign the php-suhosin (and the recent mysqltuner package) with V3 sigs for the CentOS 5.x packages?
Thanks!
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: Suhosin
How about now? Im not seeing any problems with the suhosin packages on el5-64. I did re-export the php & mysqltuner packages earlier
Re: Suhosin
Thank you. On a quick check with the mysqltuner package, all is working properly now.
Re: Suhosin
Scott:
Could you check the suhosin EL5 package again?
On an install attempt for:
php-suhosin-0.9.38-7.el5.art.x86_64.rpm via yum, we are again getting:
error: rpmts_HdrFromFdno: Header V4 RSA/SHA1 signature BAD, key ID 4520afa9
Thanks.
Could you check the suhosin EL5 package again?
On an install attempt for:
php-suhosin-0.9.38-7.el5.art.x86_64.rpm via yum, we are again getting:
error: rpmts_HdrFromFdno: Header V4 RSA/SHA1 signature BAD, key ID 4520afa9
Thanks.
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: Suhosin
That means you're missing the newer GPG key, which is in the atomic-release package. Another way to install it is to run the atomic installer again
Re: Suhosin
Scott:
Thanks.
As best we can see we have the latest version of the atomic-release package so perhaps not the issue. It appears to be related to the V4 sig versus the V3 on other packages.
To double-check, we did a clean all and we reinstalled atomic-release from the repos which pulled down:
atomic-release-1.0-19.el5.art.noarch.rpm
After that install we tried updating and the packages are still giving the error.
Thanks.
As best we can see we have the latest version of the atomic-release package so perhaps not the issue. It appears to be related to the V4 sig versus the V3 on other packages.
To double-check, we did a clean all and we reinstalled atomic-release from the repos which pulled down:
atomic-release-1.0-19.el5.art.noarch.rpm
After that install we tried updating and the packages are still giving the error.
Re: Suhosin
Per the other thread about resolving the issue, was the php-suhosin package redone? Looking through the wwwX atomic mirrors shows a mod date of October for the latest standalone php-suhosin. The only package of the ones reported that I'm seeing a new mod date is mysql.
Re: Suhosin
Thanks for posting updated clam packages. Once the php-suhosin packages are updated, we should be good to go.
Thanks.
Thanks.
Re: Suhosin
Can someone please update the sigs on:
php-suhosin-0.9.38-7.el5.art.i386.rpm
php-suhosin-0.9.38-7.el5.art.x86_64.rpm
for CentOS 5.x so we can hopefully put these sig related issues to bed?
Each is showing:
rpm --checksig php-suhosin-0.9.38-7.el5.art.i386.rpm
RSA sha1 MD5 PGP md5 NOT OK
rpm --checksig php-suhosin-0.9.38-7.el5.art.x86_64.rpm
RSA sha1 MD5 PGP md5 NOT OK
Thank you.
php-suhosin-0.9.38-7.el5.art.i386.rpm
php-suhosin-0.9.38-7.el5.art.x86_64.rpm
for CentOS 5.x so we can hopefully put these sig related issues to bed?
Each is showing:
rpm --checksig php-suhosin-0.9.38-7.el5.art.i386.rpm
RSA sha1 MD5 PGP md5 NOT OK
rpm --checksig php-suhosin-0.9.38-7.el5.art.x86_64.rpm
RSA sha1 MD5 PGP md5 NOT OK
Thank you.
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: Suhosin
Re-importing along with the other PHP updates addressing the vulnerabilities in: http://securitytracker.com/id/1034608