Question in regards to software verification...

Jason Williams jwilliams at
Thu Feb 5 11:10:22 PST 2004

This is going to sound incredibly new, but i've never understood how to 
completely verify software that you download.

For instance, a new Security Advisory was released today regarding the 
shmat reference counting bug

One thing that I thought of when I was looking at this is the option to d/l 
the patch, then patch your system. I also noticed that there was, not only 
the patch you can download, but the .asc file which is supposed to verify 
the software you download.

So I wanted to know the methods available that you can use to verify 
software that you d/l?
How about .asc? I have seen that one before, but not really familiar with it.

I know you can also use md5 as well as gnupg.

Anyone care to take a moment and enlighten me with the steps to verify 

I appreciate it.



More information about the freebsd-questions mailing list