Uploaded image for project: 'Apache Freemarker'
  1. Apache Freemarker
  2. FREEMARKER-98

bad sh1512 and asc signatures for 2.3.28 tar files

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Invalid
    • 2.3.28
    • 2.3.28
    • site
    • None

    Description

      The signatures for the 2.3.28 release tars don't seem to match the files.

      I downloaded apache-freemarker-2.3.28-bin.tar.gz from https://freemarker.apache.org/freemarkerdownload.html and also the .sha512 and .asc files.

      I run "sha512sum apache-freemarker-2.3.28-bin.tar.gz" and got:

      a77becbfe29785eca4ce5b51786ab783ef686f4159546fa88ce13b0592befe43db98c8a6d4e8e113f35a0b6515ca85e4ea9962df57b76a3ca172989557d9b20c  apache-freemarker-2.3.28-bin.tar.gz

      which is different from apache-freemarker-2.3.28-bin.tar.gz.sha512:

      534cb51b781e83b2109f43a9186a030a1c3d6c5c13117bd5a6168b10c9a3cbd010e6ce806fdc6fce66e4b8a59d8a752f0552758ec769795e2bd3b66c09c0442a

      I then tried the .asc and it also failed:

      gpg --verify apache-freemarker-2.3.28-bin.tar.gz.asc
      gpg: assuming signed data in 'apache-freemarker-2.3.28-bin.tar.gz'
      gpg: Signature made Sat 31 Μαρ 2018 12:11:30 am EEST
      gpg:                using RSA key 1939A2520BAB1D90

      gpg: BAD signature from "Daniel Dekany <ddekany@apache.org>" [unknown]

       

      Similarly for the src tar.

      Attachments

        Activity

          People

            Unassigned Unassigned
            alex186 Alex Athanasopoulos
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: