[Pkg-privacy-maintainers] Bug#852732: Bug#852732: torbrowser-launcher: upon upggrade 6.0.8 to 6.5: "SIGNATURE VERIFICATION FAILED: You might be under attack ..."

u u at 451f.org
Fri Jan 27 18:12:00 UTC 2017


Hi,

thanks for this report.

Sebastian Niehaus:
> Package: torbrowser-launcher Version: 0.1.9-1+deb8u3 Severity:
> normal

First of all, this looks like a *very* old version of
torbrowser-launcher. You should probably update your system once in a
while :)

> I now get an error message:
> 
> "SINATURE VERIFICATION FAILED! You might be under attack, or there
> might be a networking problem. Click Start try the download again"

Upstream has a ticket about this:
https://github.com/micahflee/torbrowser-launcher/issues/260

In short, torbrowser-launcher includes the IDs of the keys used to sign
torbrowser releases. However, the latest release was signed with a new key.

We'll prepare a patched version for Debian, however, this will not be
available for old stable unless someone backports it there.

Cheers!
ulrike



More information about the Pkg-privacy-maintainers mailing list