[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Invalid msi: TortoiseSVN-1.6.3.16613-win32-svn-1.6.3.msi

From: Stefan Küng <tortoisesvn_at_gmail.com>
Date: Thu, 09 Jul 2009 10:58:48 +0200

Simon Large wrote:
> 2009/7/9 Stefan Küng <tortoisesvn_at_gmail.com>:
>> Mark Rosenberg wrote:
>>> TortoiseSVN-1.6.3.16613-win32-svn-1.6.3.msi is not a valid MSI
>>> according to my XP Home SP3 system. The install aborts immediately
>>> with the message from Windows Installer:
>>>
>>> "This installation package could not be opened. Contact the
>>> application vendor to verify that this is a valid Windows Installer
>>> package."
>>>
>>> Nor was I able to verify the digital signature according to the
>>> instructions provided on the website. My download link follows:
>>>
>>> http://downloads.sourceforge.net/tortoisesvn/TortoiseSVN-1.6.3.16613-win32-svn-1.6.3.msi?download
>>>
>>> Am I the only one having this issue or is the MSI truly damaged?
>> Your msi is really broken.
>> Try downloading it again, and maybe try a different sourceforge mirror
>> to download from.
>
> The new signature proves that the msi has not been tampered with, but
> is it as easy to detect a broken download? Is it worth keeping MD5
> sums shown on the website?

"not been tampered with" and "broken download" is the very same: both
indicate that the file is not the same as the one I signed.

No need to keep md5 sums or GPG keys on the website. If the signature
doesn't match, the file is corrupted - either willingly by someone who
tampered with the file or accidentally due to a broken download.

Stefan

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2369306

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2009-07-09 10:59:16 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.