Google Git
Sign in
apache / logging-log4cxx / ddcf3e88cfa4f035a9c99bda25ace64d1a6b07ab^! / .
commitddcf3e88cfa4f035a9c99bda25ace64d1a6b07ab[log] [tgz]
authorThorsten Schöning <tschoening@am-soft.de>Wed Jan 16 11:20:51 2019 +0100
committerThorsten Schöning <tschoening@am-soft.de>Wed Jan 16 11:20:51 2019 +0100
tree01741da1effa6a1d6c23121f7334e5e997b3cab4
parent171e980fdd31e09e36841cf82adcebfa12bcd6d0 [diff]
LOGCXX-503: Matt Sicker resigned the already available releases because the old ones expired and additionally created files containing SHA512-hashes. So I'm mentioning him for now as release manager instead of myself and mentioned the new hash files. The new release manager makes it easier to backport this change to 0.10.0, because that files were the ones he actually resigned.

diff --git a/pom.xml b/pom.xml
index 08ccf7d..6c02649 100644
--- a/pom.xml
+++ b/pom.xml

@@ -72,8 +72,8 @@
 		<!-- Note that any properties you want available in velocity templates must not use periods! -->
 		<releaseArtifactId>${project.artifactId}</releaseArtifactId>
 		<releaseVersion>${project.version}</releaseVersion>
-		<releaseManager>Thorsten Schöning</releaseManager>
-		<releaseKey>778C3033</releaseKey>
+		<releaseManager>Matt Sicker</releaseManager>
+		<releaseKey>B62BABE8</releaseKey>
 	</properties>
 
 	<organization>

diff --git a/src/site/apt/download.apt.vm b/src/site/apt/download.apt.vm
index 891c334..6b6bdeb 100644
--- a/src/site/apt/download.apt.vm
+++ b/src/site/apt/download.apt.vm

@@ -30,12 +30,12 @@
 *-------------------------+---------+----------+-----------+
 |                         | Mirrors | Checksum | Signature |
 *-------------------------+---------+----------+-----------+
-| Apache log4cxx ${releaseVersion} (tar.gz)      | {{{https://www.apache.org/dyn/closer.cgi/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.tar.gz} ${releaseArtifactId}-${releaseVersion}.tar.gz}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.tar.gz.md5} ${releaseArtifactId}-${releaseVersion}.tar.gz.md5}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.tar.gz.asc} ${releaseArtifactId}-${releaseVersion}.tar.gz.asc}} |
+| Apache log4cxx ${releaseVersion} (tar.gz)      | {{{https://www.apache.org/dyn/closer.cgi/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.tar.gz} ${releaseArtifactId}-${releaseVersion}.tar.gz}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.tar.gz.sha512} ${releaseArtifactId}-${releaseVersion}.tar.gz.sha512}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.tar.gz.asc} ${releaseArtifactId}-${releaseVersion}.tar.gz.asc}} |
 *-------------------------+---------+----------+-----------+
-| Apache log4cxx ${releaseVersion} (zip)      | {{{https://www.apache.org/dyn/closer.cgi/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip} ${releaseArtifactId}-${releaseVersion}.zip}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip.md5} ${releaseArtifactId}-${releaseVersion}.zip.md5}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip.asc} ${releaseArtifactId}-${releaseVersion}.zip.asc}} |
+| Apache log4cxx ${releaseVersion} (zip)      | {{{https://www.apache.org/dyn/closer.cgi/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip} ${releaseArtifactId}-${releaseVersion}.zip}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip.sha512} ${releaseArtifactId}-${releaseVersion}.zip.sha512}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip.asc} ${releaseArtifactId}-${releaseVersion}.zip.asc}} |
 *-------------------------+---------+----------+-----------+
 
-    It is essential that you verify the integrity of the downloaded files using the PGP or MD5 signatures.
+    It is essential that you verify the integrity of the downloaded files using the PGP or SHA512 signatures.
     Please read {{{https://httpd.apache.org/dev/verification.html}Verifying Apache HTTP Server Releases}} for more
     information on why you should verify our releases.
 
@@ -50,7 +50,7 @@
 
         * ${releaseArtifactId}-${releaseVersion} is signed by ${releaseManager} (${releaseKey})
 
-    Alternatively, you can verify the MD5 signature on the files. A unix program called md5 or md5sum is included
+    Alternatively, you can verify the SHA512 signature on the files. A unix program called sha512 or sha512sum is included
     in many unix distributions.
 
 * Previous Releases