Re: 10.7 planning
Isy and I can do any of these dates. We'll keep the dates clear until you announce the point release. Cheers On 30 October 2020 19:10:20 GMT, "Adam D. Barratt" wrote: >Hi, > >In an attempt to be slightly more efficient than usual at planning a >point release... it's about a month since 10.6, so let's start looking >at dates for 10.7. > >Please could you confirm your availability, and any preferences, for >the following: > >- November 21st >- November 28th >- December 5th > >Thanks, > >Adam -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: 10.7 planning
On 15937 March 1977, Adam D. Barratt wrote: In an attempt to be slightly more efficient than usual at planning a point release... it's about a month since 10.6, so let's start looking at dates for 10.7. - November 21st - November 28th - December 5th Right now they all look good for me. -- bye, Joerg
Re: 10.7 planning
Hi Everyone! On 10/30/20 3:10 PM, Adam D. Barratt wrote: > Hi, > > In an attempt to be slightly more efficient than usual at planning a > point release... it's about a month since 10.6, so let's start looking > at dates for 10.7. > > Please could you confirm your availability, and any preferences, for > the following: > > - November 21st > - November 28th > - December 5th > All dates are fine with Publicity, with a very slight preference for the 28th. -- -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Donald Norwood ⢿⡄⠘⠷⠚⠋⠀ B7A1 5F45 5B28 7F38 4174 ⠈⠳⣄ D5E9 E5EC 4AC9 BD62 7B05
Firefox claims i386 images contain virus or malware
Dear team, I tried to download two different ISO files via https://cdimage.debian.org/cdimage/release/current-live/i386/iso-hybrid/ Everytime a download has completed, Firefox mentions that the ISO contains a virus. I tried downloading both the GNOME and MATE ISO's. I am using the latest Firefox 82.0 (64-bit) on Ubuntu 20.04.1 Sincerely, Ruud
Re: Firefox claims i386 images contain virus or malware
Hi, Ruud Bos wrote: > I tried to download two different ISO files via > https://cdimage.debian.org/cdimage/release/current-live/i386/iso-hybrid/ > Everytime a download has completed, Firefox mentions that the ISO contains > a virus. I tried downloading both the GNOME and MATE ISO's. This accusation by Firefox is not new: https://lists.debian.org/debian-cd/2020/07/msg00056.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966538 Regrettably there is no hint what part of the ISOs exactly is accused of being malware. Do you see any information beyond the statement that there is a virus ? It is unlikely that Debian inadvertently packages any virus. To verify that the ISOs have not been tampered with, download into the same directory as the ISOs: https://cdimage.debian.org/cdimage/release/current-live/i386/iso-hybrid/SHA512SUMS https://cdimage.debian.org/cdimage/release/current-live/i386/iso-hybrid/SHA512SUMS.sign Verify the authenticity of SHA512SUMS by a run of gpg --keyserver keyring.debian.org --verify SHA512SUMS.sign SHA512SUMS which must report gpg: Good signature from "Debian CD signing key " ... Primary key fingerprint: DF9B 9C49 EAA9 2984 3258 9D76 DA87 E80D 6294 BE9B The reported "key fingerprint" must match one of those listed at https://www.debian.org/CD/verify . When the SHA512SUMS was verified by SHA512SUMS.sign and the public Debian key, let program "sha512sum" check for matches: sha512sum -c SHA512SUMS must report debian-live-10.6.0-i386-gnome.iso : OK debian-live-10.6.0-i386-mate.iso : OK ...other.ISOs... : FAILED open or read sha512sum: WARNING: ... listed files could not be read It must not report debian-live-10.6.0-i386-gnome.iso : FAILED ... sha512sum: WARNING: ... listed files could not be read sha512sum: WARNING: 1 computed checksum did NOT match If the verification succeeds, consider to file a bug in Ubuntu against the virus checker of Firefox. Have a nice day :) Thomas
Re: Firefox claims i386 images contain virus or malware
Hey folks, nd the same I'm can reproduce the same thing here too at the moment. amd64 images are similarly affected. Previously, this seemed to be caused by another (unrelated) download from the same server in Sweden. Maswan, can you check for any more info please? On Sat, Oct 31, 2020 at 11:06:19PM +0100, Thomas Schmitt wrote: >Hi, > >Ruud Bos wrote: >> I tried to download two different ISO files via >> https://cdimage.debian.org/cdimage/release/current-live/i386/iso-hybrid/ >> Everytime a download has completed, Firefox mentions that the ISO contains >> a virus. I tried downloading both the GNOME and MATE ISO's. > >This accusation by Firefox is not new: > https://lists.debian.org/debian-cd/2020/07/msg00056.html > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966538 >Regrettably there is no hint what part of the ISOs exactly is accused of >being malware. >Do you see any information beyond the statement that there is a virus ? > >It is unlikely that Debian inadvertently packages any virus. >To verify that the ISOs have not been tampered with, download into the >same directory as the ISOs: > > > https://cdimage.debian.org/cdimage/release/current-live/i386/iso-hybrid/SHA512SUMS > > https://cdimage.debian.org/cdimage/release/current-live/i386/iso-hybrid/SHA512SUMS.sign > >Verify the authenticity of SHA512SUMS by a run of > > gpg --keyserver keyring.debian.org --verify SHA512SUMS.sign SHA512SUMS > >which must report > > gpg: Good signature from "Debian CD signing key " > ... > Primary key fingerprint: DF9B 9C49 EAA9 2984 3258 9D76 DA87 E80D 6294 BE9B > >The reported "key fingerprint" must match one of those listed at > https://www.debian.org/CD/verify . > >When the SHA512SUMS was verified by SHA512SUMS.sign and the public Debian >key, let program "sha512sum" check for matches: > > sha512sum -c SHA512SUMS > >must report > > debian-live-10.6.0-i386-gnome.iso : OK > debian-live-10.6.0-i386-mate.iso : OK > ...other.ISOs... : FAILED open or read > sha512sum: WARNING: ... listed files could not be read > >It must not report > > debian-live-10.6.0-i386-gnome.iso : FAILED > ... > sha512sum: WARNING: ... listed files could not be read > sha512sum: WARNING: 1 computed checksum did NOT match > >If the verification succeeds, consider to file a bug in Ubuntu against >the virus checker of Firefox. > > >Have a nice day :) > >Thomas > > -- Steve McIntyre, Cambridge, UK.st...@einval.com "The problem with defending the purity of the English language is that English is about as pure as a cribhouse whore. We don't just borrow words; on occasion, English has pursued other languages down alleyways to beat them unconscious and rifle their pockets for new vocabulary." -- James D. Nicoll
