new_installer_offline_XXXX.jar.sig is supposed to be a gpg signature of 
new_installer_offline_XXXX.jar.
Unfortunately, due to a bug in a script, everything before 1245 has bogus 
signatures, resulting from me signing the jar with gpg and *then* signing it 
internally with jarsigner. Therefore I am uploading .newsig's with the new key 
(which was created around build 1241). I am only signing those files that I 
have copies of locally, so a few early jars are not signed at all. This bug did 
not affect other signatures as far as I can see.

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
Devl mailing list
[email protected]
http://osprey.vm.bytemark.co.uk/cgi-bin/mailman/listinfo/devl

Reply via email to