Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > Ubuntu recomended updates warning in update manager

Reply
Thread Tools

Ubuntu recomended updates warning in update manager

 
 
Max
Guest
Posts: n/a
 
      06-04-2009
When I run update manager, for recommended updates I get this message.

W: GPG error: http://nz.archive.ubuntu.com jaunty-updates Release:

The following signatures were invalid: BADSIG 40976EAF437D05B5

Ubuntu Archive Automatic Signing Key <(E-Mail Removed)>

When I select one of the updated files in update manager it says in the
changes window:

"Failed to detect distribution"


If I click on the Install Updates button, the summary window
says:

"Warning: You are about to install software that cant be authenticated!
Doing this could allow a malicious individual to damage or take control
of your system."

The updates are for Evolution, (which I am not using) Foomatic DB
engine, Gnome settings Daemon, and metacity.

Should I install these updates anyway?
 
Reply With Quote
 
 
 
 
Lawrence D'Oliveiro
Guest
Posts: n/a
 
      06-04-2009
In message <h073pf$q54$(E-Mail Removed)-september.org>, Max wrote:

> When I run update manager, for recommended updates I get this message.
>
> W: GPG error: http://nz.archive.ubuntu.com jaunty-updates Release:
>
> The following signatures were invalid: BADSIG 40976EAF437D05B5
>
> Ubuntu Archive Automatic Signing Key <(E-Mail Removed)>
>
> Should I install these updates anyway?


In principle, I would say no. Signatures exist for a reason.

Looks like this sort of thing happens from time to time
<https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/24061>.
Suggestions from there:

* Wait a while for the problem to resolve itself
* Do a Reload in your package manager
* Try a different mirror
* Have you been trying to add third-party repositories?

 
Reply With Quote
 
 
 
 
Lodi
Guest
Posts: n/a
 
      06-04-2009
> Max wrote:

> When I run update manager, for recommended updates I get this message.
>
> W: GPG error: http://nz.archive.ubuntu.com jaunty-updates Release:
>
> The following signatures were invalid: BADSIG 40976EAF437D05B5
>
> Ubuntu Archive Automatic Signing Key <(E-Mail Removed)>
>
> When I select one of the updated files in update manager it says in the
> changes window:
>
> "Failed to detect distribution"
>
>
> If I click on the Install Updates button, the summary window
> says:
>
> "Warning: You are about to install software that cant be authenticated!
> Doing this could allow a malicious individual to damage or take control
> of your system."
>
> The updates are for Evolution, (which I am not using) Foomatic DB
> engine, Gnome settings Daemon, and metacity.
>



Feel free to take this reply with a grain of salt as I've not experienced
the problem and am only relying on googling/ubuntuforumming to advise.

This error seems to be a bug with apt-get (the updater) and certain
customized network setups. Transparent proxies get a mention. Not sure what
they are.

The following was suggested in an eighteen month old bug report so I'm not
sure if it's even still relevant.

Although it's not wise to blindly copy and paste from usenet all the
following command is doing is turning the caching off.

But for the record...****caveat emptor******

At the terminal, paste and run....
apt-get update -o Acquire::http::No-Cache=True
If you get a permissions error re-try adding sudo at the start. Then re-try
your update.

Or if the invalid key is listed here.....
System > Admin > Software Sources > Authentication
.....you may want to try a "reset to defaults" and see if that does anything.

> Should I install these updates anyway?


Possibly not wise to ignore warnings but have done so myself previously.

Regards
Lodi



 
Reply With Quote
 
AD.
Guest
Posts: n/a
 
      06-04-2009
On Jun 4, 12:16*pm, Max <(E-Mail Removed)> wrote:
> When I run update manager, for recommended updates I get this message.
>
> W: GPG error:http://nz.archive.ubuntu.comjaunty-updates Release:
>
> The following signatures were invalid: BADSIG 40976EAF437D05B5

<snip>
> "Warning: You are about to install software that cant be authenticated!
> Doing this could allow a malicious individual to damage or take control
> of your system."


I started getting those messages a few months back, and as far as I
can wildly guess it is an issue with TelstraClears transparent proxy
(I use a cable modem at home). It has never cropped up on any of the
machines at work (they're on a Citylink connection).

And I'm to lazy to bother trying to convince first level support at
Telstra to look into it.

One way I found to avoid it, is to select a slightly more obscure
mirror in Software Sources. The updates can be a bit slower to
download though.

So while the errors are mostly erroneous and it is probably safe to
upgrade most of the time, I'm a little reluctant to bypass the errors
just in case there is something like a DNS cache poisoning going on
somewhere etc.

--
Cheers
Anton
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
System Requirements Recomended ! lovely_angel_for_you@yahoo.com ASP .Net 1 05-04-2005 02:22 PM



Advertisments