Hi, Ruud Bos wrote: > I tried to download two different ISO files via > https://cdimage.debian.org/cdimage/release/current-live/i386/iso-hybrid/ > Everytime a download has completed, Firefox mentions that the ISO contains > a virus. I tried downloading both the GNOME and MATE ISO's.
This accusation by Firefox is not new: https://lists.debian.org/debian-cd/2020/07/msg00056.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966538 Regrettably there is no hint what part of the ISOs exactly is accused of being malware. Do you see any information beyond the statement that there is a virus ? It is unlikely that Debian inadvertently packages any virus. To verify that the ISOs have not been tampered with, download into the same directory as the ISOs: https://cdimage.debian.org/cdimage/release/current-live/i386/iso-hybrid/SHA512SUMS https://cdimage.debian.org/cdimage/release/current-live/i386/iso-hybrid/SHA512SUMS.sign Verify the authenticity of SHA512SUMS by a run of gpg --keyserver keyring.debian.org --verify SHA512SUMS.sign SHA512SUMS which must report gpg: Good signature from "Debian CD signing key <debian-cd@lists.debian.org>" ... Primary key fingerprint: DF9B 9C49 EAA9 2984 3258 9D76 DA87 E80D 6294 BE9B The reported "key fingerprint" must match one of those listed at https://www.debian.org/CD/verify . When the SHA512SUMS was verified by SHA512SUMS.sign and the public Debian key, let program "sha512sum" check for matches: sha512sum -c SHA512SUMS must report debian-live-10.6.0-i386-gnome.iso : OK debian-live-10.6.0-i386-mate.iso : OK ...other.ISOs... : FAILED open or read sha512sum: WARNING: ... listed files could not be read It must not report debian-live-10.6.0-i386-gnome.iso : FAILED ... sha512sum: WARNING: ... listed files could not be read sha512sum: WARNING: 1 computed checksum did NOT match If the verification succeeds, consider to file a bug in Ubuntu against the virus checker of Firefox. Have a nice day :) Thomas
