Ubuntu
openoffice.org package

Failure to update

Asked by mayan

What do I do next when there is a failure to update? The following notice appears:
W: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/g/gnome-screensaver/gnome-screensaver_2.24.0-0ubuntu2.1_i386.deb
Hash Sum mismatch

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu openoffice.org Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
George Standish (george-standish-deactivatedaccount) said : 		#1

Mayan,

I got an email from the ubuntu-security mailing list yesterday regarding gnome-screensaver, I'm going to paste it here for you to see. I would not worry about this update right now, just try again in a couple of days (the security problem is probably being fixed).

Good luck,
George

To: <email address hidden>
Cc: <email address hidden>, <email address hidden>
Message-ID: <email address hidden>
Content-Type: text/plain; charset="utf-8"

===========================================================
Ubuntu Security Notice USN-907-1 March 08, 2010
gnome-screensaver vulnerabilities
CVE-2010-0285, CVE-2010-0422
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  gnome-screensaver 2.24.0-0ubuntu2.1

Ubuntu 9.04:
  gnome-screensaver 2.24.0-0ubuntu6.1

Ubuntu 9.10:
  gnome-screensaver 2.28.0-0ubuntu3.5

After a standard system upgrade you need to restart your session to effect
the necessary changes.

Details follow:

It was discovered that gnome-screensaver did not correctly lock all screens
when monitors get hotplugged. An attacker with physical access could use
this flaw to gain access to a locked session. (CVE-2010-0285)

It was discovered that gnome-screensaver did not correctly handle keyboard
grab when monitors get hotplugged. An attacker with physical access could
use this flaw to gain access to a locked session. This issue only affected
Ubuntu 9.10. (CVE-2010-0422)

Revision history for this message
mayan (mayan-molina) said : 		#2

Hi George,
It's probably best to wait awhile as you said. Thanks!

Revision history for this message
mayan (mayan-molina) said : 		#3

This time I get this notice:
W: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-11ubuntu2.3_i386.deb
  Cannot initiate the connection to archive.ubuntu.com:80 (91.189.88.46). - connect (101 Network is unreachable) [IP: 91.189.88.46 80]
Should I just ignore this?

Can you help with this problem?

Provide an answer of your own, or ask mayan for more information if necessary.

To post a message you must log in.