Hi,
The upload for avvdat-9412.zip seems to be broken. I'm getting failed repo pulls from McAfeeHttp for VSCANDAT1000, specifically failing on avvdat-9412.zip (found hash aaaaa, expected hash bbbbb). Tried downloading and checking in the DAT package avvepo9412dat.zip manually from the downloads site, got the error Error extracting to temp directory. On a whim I tried to extract avvepo9412dat.zip, which resulted in failure on avvdat-9412.zip specifically.
Hi Wu_Yuxuan,
I just did a quick test in my machine, am able to download DAT-9412.zip file from McAFee Product download site and checkin in my EPO without any issue. Seems like there could be some network device (firewall/proxy/HIPS/some other network device) in your environment causing the issue.
Was my reply helpful?
If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a soultion" if this reply resolves your query!
If the file is torn while downloading from the internet, definitely it is because of the network device. One of your network device thinks that some suspicious file being downloaded from internet.
Was my reply helpful?
If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a soultion" if this reply resolves your query!
Hi LKS,
Thanks for checking. I've been attempting my downloads from 3 different networks, the ePO-triggered ones are from the environment network, and manual downloads from https://www.mcafee.com/enterprise/en-us/downloads/security-updates.html with 2 other networks, which are an unrelated office connection and a datacentre guest wifi. It seems unlikely that the same file will get chewed up by network devices on 3 different networks.
In any case, I've managed to get a clean download of just avvdat-9412.zip from http://update.nai.com/products/commonupdater/ though. If I unpack the avvepo9412dat.zip from the Security Updates site, replace the broken avvdat-9412.zip and zip it back up again, will this repacked package be accepted by ePO or does McAfee sign its update packages?
If you are able to download a clean copy of ZIP file from McAfee product download then checkin into ePO Master Repository. But do not replace the file which you downloaded from update.nai.com.
The reason :
When you download from Product download site, the zip file contains signature details, PkgCatalog.z file and other supported files and there will be some sequence process should follow when you push it to client machine. If you are manually try to replace the corrupted files, it will never going to work.
Best i would suggest completely whitelist the following URL "http://update.nai.com", on your network appliance and try again from EPO. In my experience 99.99999% of the case ended up on network device.
Was my reply helpful?
If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a soultion" if this reply resolves your query!
Sometimes it depends on the time of day you are pulling the file. We have many update servers and when they are being replicated to, you may get a partial file because it hasn't finished being replicated to. We always advise try different times of day an you can also try one of the other commonupdater sites. There is commonupdater, and commonupater2 that you can alternate between when that happens.
Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Hi @Wu_Yuxuan
Can you also kindly check and confirm if this issue pops up with 9413 as well since it has already been released?
Hello Sir,
Greetings!
Regarding the query. Please try to do the following and share the output
Please try to do nslookup for update.nai.com. If you are able to get the IP list.
Please try to access https:\\update.nai.com from the EPO Server.
Please try to checkin package and check you are receiving any error message.
Hi all,
It was still happening with 9413, but seems to be a problem with the commonupdater directory specifically. I've added commonupdater2 & 3 to the Source Sites and tested them successfully with a repo update server task, so for now my workaround is to have 1 master repo update task for each site, broadly spaced out so they don't waste bandwidth and hammer the site.
The entries in epoapsvr log are quite similar to the case posted by @Hem, but I have hr=-112 instead. Below is a log snippet of the failed update attempts.
20191017115533 I #01304 INETMGR Downloaded file avvdat-9412.zip successfully in session 1, size=130735277, SHA1 hash=80EF18B69839DCE6304D6B890329D8FE228BEA8D, SHA256 hash=578E208D608EC6E5F853BE328F836BE1D0BBCFE8A7E2925BF328FA4E070223A2.
20191017115534 E #01304 SITEMGR SiteMgrHelper.cpp(115): File SHA1 hash code verification for C:\Windows\TEMP\nai42C.tmp\00000002\avvdat-9412.zip failed.
20191017115534 E #01304 SITEMGR Mirror.cpp(1145): Verify file avvdat-9412.zip size and hash failed, hr=-112
20191017115534 I #01304 SRVEVTINF Database initialization: Starting.
20191017115534 I #01304 NAISIGN Found master install key, decoding
20191017115534 I #01304 MFEFIPS Loading: "C:\PROGRA~2\McAfee\EPOLIC~1\x64", Role = Officer, Mode = Normal
20191017115534 I #01304 MFEFIPS Module Initialized.
20191017115534 I #01304 MFEFIPS MFEFIPS_Status() returned 1
20191017115534 I #01304 SRVEVTINF Database initialization: Succeeded.
20191017115534 I #01304 NAINET HTTP Session closed
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA