RE: corrupted ISOs, or wrong SHA1SUMs ?? *WARNING*

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi All,

While I thank you for your answers, I'd just like to add that I'm no Linux beginner...

I just downloaded yet another *2* DVD images directly from Linux : 
- one using http://mirrors.fedoraproject.org/mirrorlist?path=pub/fedora/linux/releases/9/Fedora/x86_64/iso/Fedora-9-x86_64-DVD.iso&country=FR&redirect=1
- the other one using the URL in my firefox download history : ftp://fr2.rpmfind.net//linux/fedora/releases/9/Fedora/x86_64/iso/Fedora-9-x86_64-DVD.iso

And you know what ?? 1st DVD image is correct, and second *IS incorrect*.
These files differ ! And based on the SHA1SUM, I'm tempted to say the rpmfind one is corrupted.

I tried to see what are the binary differences between the 2 files : it looks like there is only one little difference :

File that is OK :

1AC4 3670: 8D CF 19 56 0A C6 AF 36  80 B3 38 94 05 F8 34 04
1AC4 3680: BA 4F 07 4C 9A E1 D3 01  8D 77 AC 3A BE D9 7B B5
1AC4 3690: 07 56 0D 9A A0 4D 2A 1C  7A C3 BE 80 EA 77 1B 94
1AC4 36A0: BA A1 77 98 7E 32 84 99  BB 43 67 0E 6C D8 00 A3

Files that are *NOT* OK :
Windows one :

1AC4 3670: 8D CF 19 56 0A C6 AF 36  80 B3 38 94 05 F8 34 05
1AC4 3680: 3A 4F 5F 4C 82 E1 AA 81  85 77 AD F2 BC D7 7B 99
1AC4 3690: 07 51 ED 98 B8 4F 48 1C  8E 43 81 80 EA 77 1B 94
1AC4 36A0: BA A1 77 98 7E 32 14 99  BB 43 67 0E 6C D8 00 A3

Linux one :
1AC4 3670: 8D CF 19 56 0A C6 AF 36  80 B3 38 94 05 F8 34 04
1AC4 3680: BA 4F 07 4C 9A E1 D3 01  8D 77 AC 3A BE D9 7B B5
1AC4 3690: 07 56 0D 9A A0 4D 2A 1C  7A C3 BE 80 EA 77 1B 94
1AC4 36A0: BA A1 77 98 7E 32 84 99  BB 43 67 0E 6C D8 00 A3

That's the only difference vbindiff could find... and as you can see, 2 different differences are at the same address.

Now comes the warning and the question: is this a hack ???

There's no more windows/cygwin question here... Is there any fedora security guy who could assure me ISOs were not modified (and who could explain those differences) ? Is there another (security ?) list that should be contacted regarding this subject ?

Thanks

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux