[NOT A PROBLEM] Fix the release process to also generate .sha512 files

as per updated ASF guidelines.

the .md5 are no longer required.

~~~

https://www.apache.org/dev/release-distribution#sigs-and-sums

For every artifact distributed to the public through Apache channels, the PMC

• MUST supply a valid OpenPGP compatible ASCII armored detached signature file,
• MUST supply at least one (SHA or MD5) checksum file,
• SHOULD supply a SHA-1, SHA-256 or SHA-512 checksum file,
• SHOULD NOT supply a MD5 checksum file (because MD5 is too broken).

So, we are compliant already.