You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@logging.apache.org by ts...@apache.org on 2019/01/16 10:20:56 UTC

[logging-log4cxx] branch master updated: LOGCXX-503: Matt Sicker resigned the already available releases because the old ones expired and additionally created files containing SHA512-hashes. So I'm mentioning him for now as release manager instead of myself and mentioned the new hash files. The new release manager makes it easier to backport this change to 0.10.0, because that files were the ones he actually resigned.

This is an automated email from the ASF dual-hosted git repository.

tschoening pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/logging-log4cxx.git


The following commit(s) were added to refs/heads/master by this push:
     new ddcf3e8  LOGCXX-503: Matt Sicker resigned the already available releases because the old ones expired and additionally created files containing SHA512-hashes. So I'm mentioning him for now as release manager instead of myself and mentioned the new hash files. The new release manager makes it easier to backport this change to 0.10.0, because that files were the ones he actually resigned.
ddcf3e8 is described below

commit ddcf3e88cfa4f035a9c99bda25ace64d1a6b07ab
Author: Thorsten Schöning <ts...@am-soft.de>
AuthorDate: Wed Jan 16 11:20:51 2019 +0100

    LOGCXX-503: Matt Sicker resigned the already available releases because the old ones expired and additionally created files containing SHA512-hashes. So I'm mentioning him for now as release manager instead of myself and mentioned the new hash files. The new release manager makes it easier to backport this change to 0.10.0, because that files were the ones he actually resigned.
---
 pom.xml                      | 4 ++--
 src/site/apt/download.apt.vm | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/pom.xml b/pom.xml
index 08ccf7d..6c02649 100644
--- a/pom.xml
+++ b/pom.xml
@@ -72,8 +72,8 @@
 		<!-- Note that any properties you want available in velocity templates must not use periods! -->
 		<releaseArtifactId>${project.artifactId}</releaseArtifactId>
 		<releaseVersion>${project.version}</releaseVersion>
-		<releaseManager>Thorsten Schöning</releaseManager>
-		<releaseKey>778C3033</releaseKey>
+		<releaseManager>Matt Sicker</releaseManager>
+		<releaseKey>B62BABE8</releaseKey>
 	</properties>
 
 	<organization>
diff --git a/src/site/apt/download.apt.vm b/src/site/apt/download.apt.vm
index 891c334..6b6bdeb 100644
--- a/src/site/apt/download.apt.vm
+++ b/src/site/apt/download.apt.vm
@@ -30,12 +30,12 @@ Download Apache log4cxx ${releaseVersion}
 *-------------------------+---------+----------+-----------+
 |                         | Mirrors | Checksum | Signature |
 *-------------------------+---------+----------+-----------+
-| Apache log4cxx ${releaseVersion} (tar.gz)      | {{{https://www.apache.org/dyn/closer.cgi/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.tar.gz} ${releaseArtifactId}-${releaseVersion}.tar.gz}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.tar.gz.md5} ${releaseArtifactId}-${releaseVersion}.tar.gz.md5}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVers [...]
+| Apache log4cxx ${releaseVersion} (tar.gz)      | {{{https://www.apache.org/dyn/closer.cgi/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.tar.gz} ${releaseArtifactId}-${releaseVersion}.tar.gz}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.tar.gz.sha512} ${releaseArtifactId}-${releaseVersion}.tar.gz.sha512}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${relea [...]
 *-------------------------+---------+----------+-----------+
-| Apache log4cxx ${releaseVersion} (zip)      | {{{https://www.apache.org/dyn/closer.cgi/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip} ${releaseArtifactId}-${releaseVersion}.zip}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip.md5} ${releaseArtifactId}-${releaseVersion}.zip.md5}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip.asc} $ [...]
+| Apache log4cxx ${releaseVersion} (zip)      | {{{https://www.apache.org/dyn/closer.cgi/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip} ${releaseArtifactId}-${releaseVersion}.zip}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip.sha512} ${releaseArtifactId}-${releaseVersion}.zip.sha512}} | {{{https://www.apache.org/dist/logging/log4cxx/${releaseVersion}/${releaseArtifactId}-${releaseVersion}.zip. [...]
 *-------------------------+---------+----------+-----------+
 
-    It is essential that you verify the integrity of the downloaded files using the PGP or MD5 signatures.
+    It is essential that you verify the integrity of the downloaded files using the PGP or SHA512 signatures.
     Please read {{{https://httpd.apache.org/dev/verification.html}Verifying Apache HTTP Server Releases}} for more
     information on why you should verify our releases.
 
@@ -50,7 +50,7 @@ Download Apache log4cxx ${releaseVersion}
 
         * ${releaseArtifactId}-${releaseVersion} is signed by ${releaseManager} (${releaseKey})
 
-    Alternatively, you can verify the MD5 signature on the files. A unix program called md5 or md5sum is included
+    Alternatively, you can verify the SHA512 signature on the files. A unix program called sha512 or sha512sum is included
     in many unix distributions.
 
 * Previous Releases