install-tl.exe trojan
Denis Bitouzé
denis.bitouze at univ-littoral.fr
Fri Jan 10 09:21:27 CET 2025
Hi Norbert,
Le 10/01/25 à 14h28, Norbert Preining a écrit :
> There are files
> install-tl-windows.exe.sha512
> install-tl-windows.exe.sha512.asc
> The first can be checked with
>
> $ sha512sum -c install-tl-windows.exe.sha512
> install-tl-windows.exe: OK
>
> which compares the saved sha512 sum against the one computed from
> install-tl-windows.exe.
>
> Then you can check the authenticity of the .sha512 file with
> (assuming you have our public key imported):
>
> $ gpg --verify install-tl-windows.exe.sha512.asc
> gpg: assuming signed data in 'install-tl-windows.exe.sha512'
> gpg: Signature made Mon Jan 6 09:49:42 2025 JST
> gpg: using RSA key D8F2F86057A857E42A88106A4CE1877E19438C70
> gpg: Good signature from "TeX Live Distribution <tex-live at tug.org>" [full]
> Primary key fingerprint: C78B 82D8 C795 12F7 9CC0 D7C8 0D5E 5D91 06BA B6BC
> Subkey fingerprint: D8F2 F860 57A8 57E4 2A88 106A 4CE1 877E 1943 8C70
At least the checking commands with sha512sum are worth mentioning here:
┌────
│ https://tug.org/texlive/acquire-netinstall.html
│ https://tug.org/texlive/acquire-iso.html
└────
Best regards.
--
Denis
More information about the tex-live
mailing list.