Hi Jacopo,
Something is wrong, I get that (dowloaded twice, except the package which opens
normally):
$ ./verify-ofbiz-release.sh apache-ofbiz-17.12.04.zip
sha check of file: apache-ofbiz-17.12.04.zip
Using sha file: apache-ofbiz-17.12.04.zip.sha512
apache-ofbiz-17.12.04.zip: 87FC62B2 8005BE59 FBB5AA69 6F0317C1 72273F02 EB39DD82 9738761C 694D644B F004C3A6 12E8DB41 512C726A 4F5E991F D80A6A84
4AADE640 7B726DC1 8E4182A8
apache-ofbiz-17.12.04.zip: 74F79D42 2746A409 9C0F2E0D 5F96C070 78C73D7B 4C681452 EB974F18 33E2E391 3E1C7D1F 2F0E8A44 C18AC8FF A9F86094 4C9F5D4D
5DDA3AB9 E2DC2057 CA0F2E33
sha sums mismatch!
GPG verification output
gpg: Signature made Fri Jul 3 16:04:40 2020
gpg: using RSA key 7A580908847AF9E0
gpg: BAD signature from "Jacopo Cappellato (CODE SIGNING KEY)
<jaco...@apache.org>"
Could it be on my side? Anyone reproduce?
Jacques
Le 05/07/2020 à 10:23, Jacopo Cappellato a écrit :
This is the vote thread (second attempt) to publish a new bug fix release
from the "release17.12" branch. This new release, "Apache OFBiz 17.12.04",
will supersede all the previous releases from the same branch.
The release files can be downloaded from here:
https://dist.apache.org/repos/dist/dev/ofbiz/
and are:
* apache-ofbiz-17.12.04.zip
* KEYS: text file with keys
* apache-ofbiz-17.12.04.zip.asc: the detached signature file
* apache-ofbiz-17.12.04.zip.sha512: checksum file
Please download and test the zip file and its signatures (for instructions
on testing the signatures see http://www.apache.org/info/verification.html).
Vote:
[ +1] release as Apache OFBiz 17.12.04
[ -1] do not release
This vote will be open for 5 days.
For more details about this process please read
http://www.apache.org/foundation/voting.html
