Ubuntu recomended updates warning in update manager

Discussion in 'NZ Computing' started by Max, Jun 4, 2009.

  1. Max

    Max Guest

    When I run update manager, for recommended updates I get this message.

    W: GPG error: http://nz.archive.ubuntu.com jaunty-updates Release:

    The following signatures were invalid: BADSIG 40976EAF437D05B5

    Ubuntu Archive Automatic Signing Key <>

    When I select one of the updated files in update manager it says in the
    changes window:

    "Failed to detect distribution"


    If I click on the Install Updates button, the summary window
    says:

    "Warning: You are about to install software that cant be authenticated!
    Doing this could allow a malicious individual to damage or take control
    of your system."

    The updates are for Evolution, (which I am not using) Foomatic DB
    engine, Gnome settings Daemon, and metacity.

    Should I install these updates anyway?
     
    Max, Jun 4, 2009
    #1
    1. Advertising

  2. In message <h073pf$q54$-september.org>, Max wrote:

    > When I run update manager, for recommended updates I get this message.
    >
    > W: GPG error: http://nz.archive.ubuntu.com jaunty-updates Release:
    >
    > The following signatures were invalid: BADSIG 40976EAF437D05B5
    >
    > Ubuntu Archive Automatic Signing Key <>
    >
    > Should I install these updates anyway?


    In principle, I would say no. Signatures exist for a reason.

    Looks like this sort of thing happens from time to time
    <https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/24061>.
    Suggestions from there:

    * Wait a while for the problem to resolve itself
    * Do a Reload in your package manager
    * Try a different mirror
    * Have you been trying to add third-party repositories?
     
    Lawrence D'Oliveiro, Jun 4, 2009
    #2
    1. Advertising

  3. Max

    Lodi Guest

    > Max wrote:

    > When I run update manager, for recommended updates I get this message.
    >
    > W: GPG error: http://nz.archive.ubuntu.com jaunty-updates Release:
    >
    > The following signatures were invalid: BADSIG 40976EAF437D05B5
    >
    > Ubuntu Archive Automatic Signing Key <>
    >
    > When I select one of the updated files in update manager it says in the
    > changes window:
    >
    > "Failed to detect distribution"
    >
    >
    > If I click on the Install Updates button, the summary window
    > says:
    >
    > "Warning: You are about to install software that cant be authenticated!
    > Doing this could allow a malicious individual to damage or take control
    > of your system."
    >
    > The updates are for Evolution, (which I am not using) Foomatic DB
    > engine, Gnome settings Daemon, and metacity.
    >



    Feel free to take this reply with a grain of salt as I've not experienced
    the problem and am only relying on googling/ubuntuforumming to advise.

    This error seems to be a bug with apt-get (the updater) and certain
    customized network setups. Transparent proxies get a mention. Not sure what
    they are.

    The following was suggested in an eighteen month old bug report so I'm not
    sure if it's even still relevant.

    Although it's not wise to blindly copy and paste from usenet all the
    following command is doing is turning the caching off.

    But for the record...****caveat emptor******

    At the terminal, paste and run....
    apt-get update -o Acquire::http::No-Cache=True
    If you get a permissions error re-try adding sudo at the start. Then re-try
    your update.

    Or if the invalid key is listed here.....
    System > Admin > Software Sources > Authentication
    .....you may want to try a "reset to defaults" and see if that does anything.

    > Should I install these updates anyway?


    Possibly not wise to ignore warnings but have done so myself previously.

    Regards
    Lodi
     
    Lodi, Jun 4, 2009
    #3
  4. Max

    AD. Guest

    On Jun 4, 12:16 pm, Max <> wrote:
    > When I run update manager, for recommended updates I get this message.
    >
    > W: GPG error:http://nz.archive.ubuntu.comjaunty-updates Release:
    >
    > The following signatures were invalid: BADSIG 40976EAF437D05B5

    <snip>
    > "Warning: You are about to install software that cant be authenticated!
    > Doing this could allow a malicious individual to damage or take control
    > of your system."


    I started getting those messages a few months back, and as far as I
    can wildly guess it is an issue with TelstraClears transparent proxy
    (I use a cable modem at home). It has never cropped up on any of the
    machines at work (they're on a Citylink connection).

    And I'm to lazy to bother trying to convince first level support at
    Telstra to look into it.

    One way I found to avoid it, is to select a slightly more obscure
    mirror in Software Sources. The updates can be a bit slower to
    download though.

    So while the errors are mostly erroneous and it is probably safe to
    upgrade most of the time, I'm a little reluctant to bypass the errors
    just in case there is something like a DNS cache poisoning going on
    somewhere etc.

    --
    Cheers
    Anton
     
    AD., Jun 4, 2009
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Nick
    Replies:
    5
    Views:
    488
  2. Pete

    Recomended adsl ethernet modem

    Pete, Jul 27, 2004, in forum: Computer Support
    Replies:
    3
    Views:
    504
    Peter Wilkins
    Jul 30, 2004
  3. ronniegsd

    Digital photo printing sire recomended

    ronniegsd, Dec 2, 2003, in forum: Digital Photography
    Replies:
    5
    Views:
    359
  4. Harbin Osteen

    Recomended free photo storage site? Or not?

    Harbin Osteen, Apr 5, 2007, in forum: Digital Photography
    Replies:
    4
    Views:
    293
    Aamir
    Apr 9, 2007
  5. Nick
    Replies:
    5
    Views:
    415
Loading...

Share This Page