here is a exsample [code]--23:06:04-- http://www.ibiblio.org/pub/Linux/distributions/gentoo/distfiles/tcpdump-3.7.1.tar.gz => `/usr/portage/distfiles/tcpdump-3.7.1.tar.gz' Resolving www.ibiblio.org... done. Connecting to www.ibiblio.org[152.2.210.81]:80... connected. HTTP request sent, awaiting response... 200 OK Length: 428,737 [application/x-tar] 100%[==================================================================>] 428,737 24.31K/s ETA 00:00 23:06:22 (24.31 KB/s) - `/usr/portage/distfiles/tcpdump-3.7.1.tar.gz' saved [428737/428737] >>> Unpacking source... >>> Unpacking tcpdump-3.7.1.tar.gz >>> Source unpacked. ssl creating cache ./config.cache checking host system type... i686-pc-linux-gnu checking for gcc... gcc checking whether the C compiler (gcc -march=pentium3 -O3 -pipe ) works... yes checking whether the C compiler (gcc -march=pentium3 -O3 -pipe ) is a cross-compiler... no checking whether we are using GNU C... yes [/code] Thorsten. ps: btw tcpdump and libcap contains a trojan. [url]http://hlug.fscker.com/[/url]
Nothing here that says anything useful. Reopen if there's a reason and an explanation.
our sources dont contain the trojan which is why the package was accepted :P
in fact if you read the report you'll notice it says this: Good sources: http://www.ibiblio.org/pub/Linux/distributions/gentoo/distfiles/libpcap-0.7.1.tar.gz http://www.ibiblio.org/pub/Linux/distributions/gentoo/distfiles/tcpdump-3.6.2.tar.gz http://www.ibiblio.org/pub/Linux/distributions/gentoo/distfiles/tcpdump-3.7.1.tar.gz
well maybe ist the ebuild. but with other ebuild i get a line saying something like >>> md5 ;-) <downloaded tarball> but with this i dont get it. And even if the donwload of tcpdump is from the right source, should not be an excuse having not the md5 verification.
works over here ... what version of portage you running ? root@vapier root # ls /usr/portage/distfiles/tcpdump-3.7.1.tar.gz /usr/portage/distfiles/tcpdump-3.7.1.tar.gz root@vapier root # emerge tcpdump Calculating dependencies ...done! >>> emerge (1 of 1) net-analyzer/tcpdump-3.7.1 to / >>> md5 ;-) tcpdump-3.7.1.tar.gz root@vapier root # rm /usr/portage/distfiles/tcpdump-3.7.1.tar.gz root@vapier root # emerge tcpdump Calculating dependencies ...done! >>> emerge (1 of 1) net-analyzer/tcpdump-3.7.1 to / >>> Downloading ftp://ftp.ibiblio.org/pub/Linux/distributions/gentoo/distfiles/t cpdump-3.7.1.tar.gz --11:02:22-- ftp://ftp.ibiblio.org/pub/Linux/distributions/gentoo/distfiles/tcp dump-3.7.1.tar.gz => `/usr/portage/distfiles/tcpdump-3.7.1.tar.gz' Resolving ftp.ibiblio.org... done. Connecting to ftp.ibiblio.org[152.2.210.81]:21... connected. Logging in as anonymous ... Logged in! ==> SYST ... done. ==> PWD ... done. ==> TYPE I ... done. ==> CWD /pub/Linux/distributions/gentoo/distfiles ... done . ==> PASV ... done. ==> RETR tcpdump-3.7.1.tar.gz ... done. Length: 428,737 (unauthoritative) 100%[====================================>] 428,737 64.19K/s ETA 00:00 11:02:30 (64.19 KB/s) - `/usr/portage/distfiles/tcpdump-3.7.1.tar.gz' saved [428737] >>> md5 ;-) tcpdump-3.7.1.tar.gz
Portage 2.0.44 (default-x86-1.4, gcc-3.2, glibc-2.2.5-r4,2.2.5-r7)
can you verify this still happens with 2.0.4{6,7} ?
well re-open if you can define a procedure that is reproducable
