Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Problems with Getting Google Chrome to update

  1. #1
    Join Date
    Mar 2016
    Location
    New York
    Posts
    64

    Default Problems with Getting Google Chrome to update

    It says the keys are invailid and may have been signed by an attacker. Has anyone got this for the latest update? Here is the error output:

    Retrieving repository 'google-chrome' metadata -------------------------------------------[\]
    Signature verification failed for file 'repomd.xml' from repository 'google-chrome'.
    Warning: This might be caused by a malicious change in the file!
    Continuing might be risky. Continue anyway? [yes/no] (no): no
    Retrieving repository 'google-chrome' metadata .......................................[error]
    Repository 'google-chrome' is invalid.
    [google-chrome|http://dl.google.com/linux/chrome/rpm/stable/x86_64] Valid metadata not found
    at specified URL
    Please check if the URIs defined for this repository are pointing to a valid repository.
    Warning: Skipping repository 'google-chrome' because of the above error.
    Some of the repositories have not been refreshed because of an error.
    Loading repository data...
    Reading installed packages...
    'google-chrome-stable = 0:50.0.2661.86-1' is already installed.
    No update candidate for 'google-chrome-stable-50.0.2661.86-1.x86_64'. The highest available v
    ersion is already installed.
    Resolving package dependencies...


    This is for an update that is available after 50.0.2662.86
    My software updater originally gave me a warning that an update is available but was unable to authenticate the signature
    Motherboard: GA-EP45-UD3P
    CPU: Core2Quad Q8400 2.66GHz.
    Memory: 4 GIB DDR2
    GPU: Geforce GTX 650 1GIB Driver: NVIDIA G03- 340.96
    OS & Desktop: 42.2Leap 64 bit, KDE Plasma 5.8.3,QT 5.6.1 Kernel 4.4.27-2-deafult

  2. #2
    Join Date
    Nov 2009
    Location
    West Virginia Sector 13
    Posts
    15,582

    Default Re: Problems with Getting Google Chrome to update

    You can get the certificates from Google I think if you don't want to see the warning. IMHO Google does not handle this issue well

  3. #3

    Default Re: Problems with Getting Google Chrome to update

    Quote Originally Posted by frankensuse View Post
    It says the keys are invailid and may have been signed by an attacker. Has anyone got this for the latest update? Here is the error output:

    Retrieving repository 'google-chrome' metadata -------------------------------------------[\]
    Signature verification failed for file 'repomd.xml' from repository 'google-chrome'.
    Warning: This might be caused by a malicious change in the file!
    Continuing might be risky. Continue anyway? [yes/no] (no): no
    Getting the same thing here. It's been running smoothly with the certificate installed for months. Yesterday I started getting the error.

    I have a faint memory of the key changing once in the past, but can't find any notes to confirm that.

    So I've temporarily disabled the repository. I'll wait a couple of days and see if it gets sorted out. If not, I suppose pinging Google is always an option.

  4. #4

    Default Re: Problems with Getting Google Chrome to update

    Same error here. Seems to be a problem of Google.

    Downloading the Linux RPM package from https://www.google.com/chrome/ I got a valid signature:

    > rpmkeys -K google-chrome-stable_current_x86_64.rpm
    google-chrome-stable_current_x86_64.rpm: (sha1) dsa sha1 md5 gpg OK
    When I try to update chrome by that package, I get:

    > rpm -U google-chrome-stable_current_x86_64.rpm
    package google-chrome-stable-50.0.2661.86-1.x86_64 is already installed
    So no need for special actions; I'll simply wait until Google has resolved that problem.

    It would not be a good idea to accept repomd.xml without valid signature.

  5. #5

    Default Re: Problems with Getting Google Chrome to update

    I got the same error here. I don't have a solution, but based on the other replies I see here, I'll just wait.

  6. #6

    Default Re: Problems with Getting Google Chrome to update

    Quote Originally Posted by hatto View Post
    Same error here. Seems to be a problem of Google.

    Downloading the Linux RPM package from https://www.google.com/chrome/ I got a valid signature:
    I just ran zypper update, did 'Continue anyway' and got "google-chrome-stable-50.0.2661.94-1.x86_64" as a version, which is an update.

    I hope this version fixes the issue of when I try to open links from Thunderbird - it crashes Chrome, then opens the link, and I get a popup to 'Restore lost pages' or some such. Is anyone else getting that?

  7. #7

    Default Re: Problems with Getting Google Chrome to update

    I've reported the problem on Google's Chrome forum, for whatever good that may do.

    Thread is here

    A few extra voices can't hurt.

  8. #8

    Default Re: Problems with Getting Google Chrome to update

    I definitely remember this happening before, and it was just a waiting game. I hope it's the same situation this time.
    I'm confused...No, wait...Maybe I'm not...

  9. #9

    Default Re: Problems with Getting Google Chrome to update

    Update: Someone has linked this to a Chromium bug related to the deprecation of SHA1. If that's a valid association, that means the problem has been ongoing for a month and a half. Don't expect a speedy resolution.

    In the mean time, I guess we're stuck with downloading and updating our Chrome installs manually.

  10. #10
    Join Date
    Mar 2016
    Location
    New York
    Posts
    64

    Default Re: Problems with Getting Google Chrome to update

    Thank You all for responding.

    I guess I'm not being paranoid after all. What's the use of having certificate validation if they are not coming up as valid. In this day and age of security threats, I am waiting also. I realize there is an update waiting, but to me it makes no sense to install the update if it has even a possibility of having a man in the middle. I rather run my browser in an older version than install one that has been (potentially) hacked. It not only breaths danger into my rig but I could also potentially spread what ever could potentially be bad. To me that is not linuxing responsibly.

    I'm going to just keep this thread open until I get a response from google. They preach security , security, security, and they screw the pooch on their certificates. I guess they think everyone runs windows and don't know enough to check validity of fingerprints on certs...
    Motherboard: GA-EP45-UD3P
    CPU: Core2Quad Q8400 2.66GHz.
    Memory: 4 GIB DDR2
    GPU: Geforce GTX 650 1GIB Driver: NVIDIA G03- 340.96
    OS & Desktop: 42.2Leap 64 bit, KDE Plasma 5.8.3,QT 5.6.1 Kernel 4.4.27-2-deafult

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •