Hi All,
I recently installed the version 6.13.deb of clamtk on ubuntu 18.04 from:
Prior to installation, I checked the sha256, and it was fine. I subsequently learned about signatures, so I went to recheck my download.
I followed the instructions at https://gitlab.com/dave_m/clamtk/-/wikis/ClamTk-Hashes
Code:
dpkg-sig --verify clamtk_6.13-1_all.deb clamtk_6.13-1_amd64.changes
Processing clamtk_6.13-1_all.deb...
NOSIG
As such, I'm concerned about the integrity of the package I installed, although I realize I may just be making a mistake or the instructions are lacking in verifying the .sig.
Is this something to be concerned about re system security?
Next time, I'll check the .sig first before installing from outside the repos.
Bookmarks