Opened 8 years ago

Closed 7 years ago

Last modified 22 months ago

#4911 closed defect (worksforme)

Unable to install Vidalia Bundle 0.2.2.35 on Windows

Reported by: runa Owned by: erinn
Priority: Immediate Milestone:
Component: Applications/Tor bundles/installation Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by erinn)

A couple of users have reported that they are unable to install the latest stable Vidalia Bundle (0.2.2.35) on Windows. The message that pops up says "NSIS Error: Installer integrity check failed. Common causes include incomplete download and damaged media. Contact the installer's author to obtain a new copy."'

Child Tickets

Change History (5)

comment:1 Changed 8 years ago by rransom

Priority: normalblocker

A user in #tor-dev now reports that the signature on vidalia-bundle-0.2.2.35-0.2.15-1.exe does not match, even when he/she/it downloaded the file from www-master.

comment:2 in reply to:  1 Changed 8 years ago by erinn

Description: modified (diff)

Replying to rransom:

A user in #tor-dev now reports that the signature on vidalia-bundle-0.2.2.35-0.2.15-1.exe does not match, even when he/she/it downloaded the file from www-master.

I can't reproduce this. I checked the website and the sig & package files appear to all have the right names, and they verify when I check them... but I wonder if there is a chance someone is trying to verify it with the wrong sig? Because since these bundles were updated only for OpenSSL, they are versioned as vidalia-bundle-0.2.2.35-0.2.15-1.exe and vidalia-bundle-0.2.2.35-0.2.15-1.exe.asc, but there is still a vidalia-bundle-0.2.2.35-0.2.15.exe and vidalia-bundle-0.2.2.35-0.2.15.exe.asc. I don't know how people would be getting those without going directory to dist/ though. Is anyone else able to reproduce it? I'm going to remove the old files in the meantime.

comment:3 in reply to:  1 Changed 8 years ago by arma

Replying to rransom:

A user in #tor-dev now reports that the signature on vidalia-bundle-0.2.2.35-0.2.15-1.exe does not match, even when he/she/it downloaded the file from www-master.

The signature matches for me too.

arma@last-request:/tmp$ gpg vidalia-bundle-0.2.2.35-0.2.15-1.exe.asc 
gpg: Signature made Thu 05 Jan 2012 12:14:38 PM EST using RSA key ID 63FEE659
gpg: Good signature from "Erinn Clark <erinn@torproject.org>"
gpg:                 aka "Erinn Clark <erinn@debian.org>"
gpg:                 aka "Erinn Clark <erinn@double-helix.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 8738 A680 B84B 3031 A630  F2DB 416F 0610 63FE E659

(I haven't tried the exe, since I don't have Windows.)

comment:4 Changed 7 years ago by erinn

Resolution: worksforme
Status: newclosed

There haven't been any follow ups to this or new similar bug reports, so I'm going to close this. Please reopen if it's still a problem.

comment:5 Changed 22 months ago by teor

Severity: Normal

Set all tickets without a severity to "Normal"

Note: See TracTickets for help on using tickets.