You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Emmanuel Lécharny (Jira)" <ji...@apache.org> on 2022/08/21 02:13:00 UTC

[jira] [Commented] (DIRSERVER-2313) 2.0.0.M26: Invalid signature file digest for Manifest main attributes

    [ https://issues.apache.org/jira/browse/DIRSERVER-2313?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17582447#comment-17582447 ] 

Emmanuel Lécharny commented on DIRSERVER-2313:
----------------------------------------------

AFAICT, the previous version was properly signed. We have to look at what's missing in M26.

> 2.0.0.M26: Invalid signature file digest for Manifest main attributes
> ---------------------------------------------------------------------
>
>                 Key: DIRSERVER-2313
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-2313
>             Project: Directory ApacheDS
>          Issue Type: Bug
>            Reporter: Jan Van Ryckeghem
>            Priority: Critical
>
> JAR can't be verified:
> {code:java}
> ~/.m2/repository/org/apache/directory/server/apacheds-all/2.0.0.AM26
> $ jarsigner -verify -verbose apacheds-all-2.0.0.AM26.jar
> jarsigner: java.lang.SecurityException: Invalid signature file digest for Manifest main attributes{code}
> This breaks projects using OWASP Vulnerability scanning.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org