[
https://issues.apache.org/jira/browse/DIRSERVER-2313?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17582447#comment-17582447
]
Emmanuel Lécharny commented on DIRSERVER-2313:
----------------------------------------------
AFAICT, the previous version was properly signed. We have to look at what's
missing in M26.
> 2.0.0.M26: Invalid signature file digest for Manifest main attributes
> ---------------------------------------------------------------------
>
> Key: DIRSERVER-2313
> URL: https://issues.apache.org/jira/browse/DIRSERVER-2313
> Project: Directory ApacheDS
> Issue Type: Bug
> Reporter: Jan Van Ryckeghem
> Priority: Critical
>
> JAR can't be verified:
> {code:java}
> ~/.m2/repository/org/apache/directory/server/apacheds-all/2.0.0.AM26
> $ jarsigner -verify -verbose apacheds-all-2.0.0.AM26.jar
> jarsigner: java.lang.SecurityException: Invalid signature file digest for
> Manifest main attributes{code}
> This breaks projects using OWASP Vulnerability scanning.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
