From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp-out-no.shaw.ca (smtp-out-no.shaw.ca [64.59.134.12]) by sourceware.org (Postfix) with ESMTPS id 8C89C386F430 for ; Tue, 21 Apr 2020 22:07:05 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 8C89C386F430 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=SystematicSw.ab.ca Authentication-Results: sourceware.org; spf=none smtp.mailfrom=brian.inglis@systematicsw.ab.ca Received: from [192.168.1.104] ([24.64.172.44]) by shaw.ca with ESMTP id R12kjYHm562brR12ljSV1h; Tue, 21 Apr 2020 16:07:04 -0600 X-Authority-Analysis: v=2.3 cv=LKf9vKe9 c=1 sm=1 tr=0 a=kiZT5GMN3KAWqtYcXc+/4Q==:117 a=kiZT5GMN3KAWqtYcXc+/4Q==:17 a=IkcTkHD0fZMA:10 a=w_pzkKWiAAAA:8 a=iP3L5UVLyNdveXWp_FYA:9 a=H60BrSVLGWd7BuxL:21 a=6jeoB0NOknzhWrtp:21 a=QEXdDO2ut3YA:10 a=WK-i71OpKu4A:10 a=sRI3_1zDfAgwuvI8zelB:22 Reply-To: cygwin@cygwin.com Subject: Re: Cygwin setup error To: cygwin@cygwin.com References: <8d287574-f820-564b-4794-e35e3429174c@gmail.com> From: Brian Inglis Autocrypt: addr=Brian.Inglis@SystematicSw.ab.ca; prefer-encrypt=mutual; keydata= mDMEXopx8xYJKwYBBAHaRw8BAQdAnCK0qv/xwUCCZQoA9BHRYpstERrspfT0NkUWQVuoePa0 LkJyaWFuIEluZ2xpcyA8QnJpYW4uSW5nbGlzQFN5c3RlbWF0aWNTdy5hYi5jYT6IlgQTFggA PhYhBMM5/lbU970GBS2bZB62lxu92I8YBQJeinHzAhsDBQkJZgGABQsJCAcCBhUKCQgLAgQW AgMBAh4BAheAAAoJEB62lxu92I8Y0ioBAI8xrggNxziAVmr+Xm6nnyjoujMqWcq3oEhlYGAO WacZAQDFtdDx2koSVSoOmfaOyRTbIWSf9/Cjai29060fsmdsDLg4BF6KcfMSCisGAQQBl1UB BQEBB0Awv8kHI2PaEgViDqzbnoe8B9KMHoBZLS92HdC7ZPh8HQMBCAeIfgQYFggAJhYhBMM5 /lbU970GBS2bZB62lxu92I8YBQJeinHzAhsMBQkJZgGAAAoJEB62lxu92I8YZwUBAJw/74rF IyaSsGI7ewCdCy88Lce/kdwX7zGwid+f8NZ3AQC/ezTFFi5obXnyMxZJN464nPXiggtT9gN5 RSyTY8X+AQ== Organization: Systematic Software Message-ID: Date: Tue, 21 Apr 2020 16:07:02 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 MIME-Version: 1.0 In-Reply-To: <8d287574-f820-564b-4794-e35e3429174c@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-CA Content-Transfer-Encoding: 7bit X-CMAE-Envelope: MS4wfFOris1CP68twxzF9NvrgspnAl49i1filxGj1RquxnHV31TIa1raUl6eW81er7R7Rt0GWzOoRXrlmx7Aa2o51BXuw/iIcM4LpCIhZoQoxtNKf7HkyYGk w7ZHPkGhtQz65p3d0q9EJRaSLej5F5znBbOEdunXBgfS9thewcevFKqeJCvwHm9DqQXfBaEKUwfN3n09VRAcOxr4wSOnDn20RcM= X-Spam-Status: No, score=-15.5 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS, KAM_EXEURI, KAM_LAZY_DOMAIN_SECURITY, KAM_LOTSOFHASH, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: cygwin@cygwin.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: General Cygwin discussions and problem reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Apr 2020 22:07:07 -0000 On 2020-04-21 12:33, Marco Atzeri via Cygwin wrote: > Am 21.04.2020 um 18:08 schrieb Antonio Cesar Rosa: >> I do not think so. See the output from Virustotal: >> 2431de4597a2162f3e1d60af90f638b41677265b07cc66fcb0231fdde452c841 >> setup-x86_64.exe 1.29 MB 2020-04-21 00:31:19 UTC >> Size >> 15 hours ago >> 64bits direct-cpu-clock-access overlay peexe runtime-modules >> DETECTION DETAILS BEHAVIOR COMMUNITY >> SecureAge APEX Malicious MaxSecure Trojan.Malware.300983.susgen >> Lastline MALWARE Acronis Undetected Scoring 2[.5]/71 is not exactly a threatening consensus - believe the 69 and ignore the 2[.5]. The URL check has eight more checkers excluding the three false positives score 0/80. Many AVs use "heuristic/WAG" approaches which often give false positives on installers. This group probably sees about one false positive a month, but I don't ever recall a real issue in about/over ten years. > please reply on mailing list in copy. > Virus Total with the URL https://cygwin.com/setup-x86_64.exe > gives all clean. > If you have a different result. likely you have a tampered file. > And using the signature available on > https://cygwin.com/install.html > we also have: > $ gpg2 --verify setup-x86_64.exe.sig > gpg: assuming signed data in 'setup-x86_64.exe' > gpg: Signature made Sat, Mar 21, 2020 6:35:25 PM CET > gpg: using DSA key 1169DF9F22734F743AA59232A9A262FF676041BA > gpg: checking the trustdb > gpg: marginals needed: 3 completes needed: 1 trust model: pgp > gpg: depth: 0 valid: 1 signed: 1 trust: 0-, 0q, 0n, 0m, 0f, 1u > gpg: depth: 1 valid: 1 signed: 0 trust: 1-, 0q, 0n, 0m, 0f, 0u > gpg: next trustdb check due at 2022-02-26 > gpg: Good signature from "Cygwin " [ultimate] > gpg: Signature made Sat, Mar 21, 2020 6:35:25 PM CET > gpg: using RSA key 56405CF6FCC81574682A5D561A698DE9E2E56300 > gpg: Good signature from "Cygwin " [full] $ TZ=UTC wget -N http://cygwin.com/setup-x86{_64,}.exe{.sig,} 2020-04-21 21:26:37 URL:http://cygwin.com/setup-x86_64.exe.sig [661/661] -> "setup-x86_64.exe.sig" [1] 2020-04-21 21:26:38 URL:http://cygwin.com/setup-x86_64.exe [1352723/1352723] -> "setup-x86_64.exe" [1] 2020-04-21 21:26:38 URL:http://cygwin.com/setup-x86.exe.sig [661/661] -> "setup-x86.exe.sig" [1] 2020-04-21 21:26:41 URL:http://cygwin.com/setup-x86.exe [1248787/1248787] -> "setup-x86.exe" [1] FINISHED --2020-04-21 21:26:41-- Total wall clock time: 4.4s Downloaded: 4 files, 2.5M in 2.2s (1.12 MB/s) $ TZ=UTC ls -glo --full setup-x86{_64,}.exe{.sig,} -rw-r--r--+ 1 1248787 2020-03-21 17:28:48.000000000 +0000 setup-x86.exe -rw-r--r--+ 1 661 2020-03-21 17:29:04.000000000 +0000 setup-x86.exe.sig -rw-r--r--+ 1 1352723 2020-03-21 17:35:04.000000000 +0000 setup-x86_64.exe -rw-r--r--+ 1 661 2020-03-21 17:35:25.000000000 +0000 setup-x86_64.exe.sig $ TZ=UTC sha256sum setup-x86{_64,}.exe{.sig,} 9e99b618cf6cf0e7a6efac9bff2028acebdb44fd552407e4cb7839f0867b035e *setup-x86_64.exe.sig 2431de4597a2162f3e1d60af90f638b41677265b07cc66fcb0231fdde452c841 *setup-x86_64.exe c7b45a34a0ef18b409a385c7157fd7bb68a799148c212bab74037e0438f5addb *setup-x86.exe.sig d218a41a45fcec581affd0e1ccc66011aa06a3a9b299576104546074e8480064 *setup-x86.exe $ TZ=UTC gpg2 --verify setup-x86_64.exe{.sig,} gpg: Signature made 2020 Mar 21 Sat 17:35:25 UTC gpg: using DSA key 1169DF9F22734F743AA59232A9A262FF676041BA gpg: Good signature from "Cygwin " [full] gpg: Signature made 2020 Mar 21 Sat 17:35:25 UTC gpg: using RSA key 56405CF6FCC81574682A5D561A698DE9E2E56300 gpg: Good signature from "Cygwin " [full] $ TZ=UTC gpg2 --verify setup-x86.exe{.sig,} gpg: Signature made 2020 Mar 21 Sat 17:29:04 UTC gpg: using DSA key 1169DF9F22734F743AA59232A9A262FF676041BA gpg: Good signature from "Cygwin " [full] gpg: Signature made 2020 Mar 21 Sat 17:29:04 UTC gpg: using RSA key 56405CF6FCC81574682A5D561A698DE9E2E56300 gpg: Good signature from "Cygwin " [full] Same files from a month ago with same digests and signatures. Many have downloaded and used it in that timeframe for dozens of package installs and upgrades with no issues or reports before yours. -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada This email may be disturbing to some readers as it contains too much technical detail. Reader discretion is advised.