#87 closed defect (fixed)
Option --with-checksum broken
Reported by: | rainer | Owned by: | rainer |
---|---|---|---|
Priority: | blocker | Milestone: | 2.4.2 |
Component: | main | Version: | 2.3.5 |
Keywords: | Cc: |
Description
The option --with-checksum, which compiles in the TIGER192 checksum of the gpg executable,is broken for releases 2.3.5 to 2.4.1a inclusive. As a result, the checksum of the gpg executable is not verified before checking the PGP signature of configuration and baseline database files. Also, running './samhain -H /filename' will return an incorrect result (discovered and reported by halosfan). Note that this issue does not affect file checksumming.
Note:
See TracTickets
for help on using tickets.
Fixed in changeset [159].