This is an automated email from the ASF dual-hosted git repository.
rpopma pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/logging-log4j-site.git
The following commit(s) were added to refs/heads/asf-staging by this push:
new 3e75500 Fix 2.3.1/download page: MD5 links should be SHA512 links
3e75500 is described below
commit 3e75500fbd111030b47772e408e6ed22c0032ec6
Author: Remko Popma <rem...@yahoo.com>
AuthorDate: Thu Dec 23 11:28:34 2021 +0900
Fix 2.3.1/download page: MD5 links should be SHA512 links
---
log4j-2.3.1/download.html | 70 +++++++++++++++++++++++++----------------------
1 file changed, 38 insertions(+), 32 deletions(-)
diff --git a/log4j-2.3.1/download.html b/log4j-2.3.1/download.html
index cd6b746..517e953 100644
--- a/log4j-2.3.1/download.html
+++ b/log4j-2.3.1/download.html
@@ -257,39 +257,45 @@
<h2><a name="Download_Apache_Log4j_2"></a>Download Apache Log4j 2</h2>
<p>Apache Log4j 2 is distributed under the <a class="externalLink"
href="http://www.apache.org/licenses/LICENSE-2.0.html";> Apache License, version
2.0</a>.</p>
<p>The link in the Mirrors column should display a list of available mirrors
with a default selection based on your inferred location. If you do not see
that page, try a different browser. The checksum and signature are links to the
originals on the main distribution server.</p>
-<table border="1" class="bodyTable">
-<tr class="a">
-<td align="left"></td>
-<td align="left">Mirrors</td>
-<td align="left">Checksum</td>
-<td align="left">Signature</td></tr>
-<tr class="b">
-<td align="left">Apache Log4j 2 binary (tar.gz)</td>
-<td align="left"><a class="externalLink"
href="http://www.apache.org/dyn/closer.cgi/logging/log4j/2.3.1/apache-log4j-2.3.1-bin.tar.gz";>
apache-log4j-2.3.1-bin.tar.gz</a></td>
-<td align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-bin.tar.gz.md5";>
apache-log4j-2.3.1-bin.tar.gz.md5</a></td>
-<td align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-bin.tar.gz.asc";>
apache-log4j-2.3.1-bin.tar.gz.asc</a></td></tr>
-<tr class="a">
-<td align="left">Apache Log4j 2 binary (zip)</td>
-<td align="left"><a class="externalLink"
href="http://www.apache.org/dyn/closer.cgi/logging/log4j/2.3.1/apache-log4j-2.3.1-bin.zip";>
apache-log4j-2.3.1-bin.zip</a></td>
-<td align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-bin.zip.md5";>
apache-log4j-2.3.1-bin.zip.md5</a></td>
-<td align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log42/apache-log4j-2.3.1-bin.zip.asc";>
apache-log4j-2.3.1-bin.zip.asc</a></td></tr>
-<tr class="b">
-<td align="left">Apache Log4j 2 source (tar.gz)</td>
-<td align="left"><a class="externalLink"
href="http://www.apache.org/dyn/closer.cgi/logging/log4j/2.3.1/apache-log4j-2.3.1-src.tar.gz";>
apache-log4j-2.3.1-src.tar.gz</a></td>
-<td align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-src.tar.gz.md5";>
apache-log4j-2.3.1-src.tar.gz.md5</a></td>
-<td align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-src.tar.gz.asc";>
apache-log4j-2.3.1-src.tar.gz.asc</a></td></tr>
-<tr class="a">
-<td align="left">Apache Log4j 2 source (zip)</td>
-<td align="left"><a class="externalLink"
href="http://www.apache.org/dyn/closer.cgi/logging/log4j/2.3.1/apache-log4j-2.3.1-src.zip";>
apache-log4j-2.3.1-src.zip</a></td>
-<td align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-src.zip.md5";>
apache-log4j-2.3.1-src.zip.md5</a></td>
-<td align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log42/apache-log4j-2.3.1-src.zip.asc";>
apache-log4j-2.3.1-src.zip.asc</a></td></tr></table>
-<p>It is essential that you verify the integrity of the downloaded files using
the PGP or MD5 signatures. Please read <a class="externalLink"
href="http://httpd.apache.org/dev/verification.html";>Verifying Apache HTTP
Server Releases</a> for more information on why you should verify our
releases.</p>
-<p>The PGP signatures can be verified using PGP or GPG. First download the <a
class="externalLink" href="https://www.apache.org/dist/logging/KEYS";>KEYS</a>
as well as the asc signature file for the relevant distribution. Make sure you
get these files from the <a class="externalLink"
href="https://www.apache.org/dist/logging/";>main distribution directory</a>,
rather than from a mirror. Then verify the signatures using</p>
-<div>
+
+ <table border="1"
class="bodyTable">
+ <tr class="a">
+ <td
align="left"></td>
+ <td
align="left">Mirrors</td>
+ <td
align="left">Checksum</td>
+ <td
align="left">Signature</td></tr>
+ <tr class="b">
+ <td
align="left">Apache Log4j 2 binary (tar.gz)</td>
+ <td
align="left"><a class="externalLink"
href="http://www.apache.org/dyn/closer.cgi/logging/log4j/2.3.1/apache-log4j-2.3.1-bin.tar.gz";>
apache-log4j-2.3.1-bin.tar.gz</a></td>
+ <td
align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-bin.tar.gz.sha512";>
apache-log4j-2.3.1-bin.tar.gz.sha512</a></td>
+ <td
align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-bin.tar.gz.asc";>
apache-log4j-2.3.1-bin.tar.gz.asc</a></td></tr>
+ <tr class="a">
+ <td
align="left">Apache Log4j 2 binary (zip)</td>
+ <td
align="left"><a class="externalLink"
href="http://www.apache.org/dyn/closer.cgi/logging/log4j/2.3.1/apache-log4j-2.3.1-bin.zip";>
apache-log4j-2.3.1-bin.zip</a></td>
+ <td
align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-bin.zip.sha512";>
apache-log4j-2.3.1-bin.zip.sha512</a></td>
+ <td
align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log42/apache-log4j-2.3.1-bin.zip.asc";>
apache-log4j-2.3.1-bin.zip.asc</a></td></tr>
+ <tr class="b">
+ <td
align="left">Apache Log4j 2 source (tar.gz)</td>
+ <td
align="left"><a class="externalLink"
href="http://www.apache.org/dyn/closer.cgi/logging/log4j/2.3.1/apache-log4j-2.3.1-src.tar.gz";>
apache-log4j-2.3.1-src.tar.gz</a></td>
+ <td
align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-src.tar.gz.sha512";>
apache-log4j-2.3.1-src.tar.gz.sha512</a></td>
+ <td
align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-src.tar.gz.asc";>
apache-log4j-2.3.1-src.tar.gz.asc</a></td></tr>
+ <tr class="a">
+ <td
align="left">Apache Log4j 2 source (zip)</td>
+ <td
align="left"><a class="externalLink"
href="http://www.apache.org/dyn/closer.cgi/logging/log4j/2.3.1/apache-log4j-2.3.1-src.zip";>
apache-log4j-2.3.1-src.zip</a></td>
+ <td
align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log4j/2.3.1/apache-log4j-2.3.1-src.zip.sha512";>
apache-log4j-2.3.1-src.zip.sha512</a></td>
+ <td
align="left"><a class="externalLink"
href="https://www.apache.org/dist/logging/log42/apache-log4j-2.3.1-src.zip.asc";>
apache-log4j-2.3.1-src.zip.asc</a></td></tr></table>
+ <p>It is essential that you
verify the integrity of the downloaded files using the PGP or SHA512
signatures. Please read <a class="externalLink"
href="http://httpd.apache.org/dev/verification.html";>Verifying Apache HTTP
Server Releases</a> for more information on why you should verify our
releases.</p>
+ <p>The PGP signatures can be
verified using PGP or GPG. First download the <a class="externalLink"
href="https://www.apache.org/dist/logging/KEYS";>KEYS</a> as well as the asc
signature file for the relevant distribution. Make sure you get these files
from the <a class="externalLink"
href="https://www.apache.org/dist/logging/";>main distribution directory</a>,
rather than from a mirror. Then verify the signatures using</p>
+ <div>
<pre>% gpg --import KEYS
-% gpg --verify apache-log4j-2.3.1-bin.tar.gz.asc</pre></div>
-<p>Apache Log4j 2.3.1 is signed by Ralph Goers (B3D8E1BA)</p>
-<p>Alternatively, you can verify the MD5 signature on the files. A unix
program called md5 or md5sum is included in many unix distributions.</p>
+% gpg --verify apache-log4j-2.3.1-bin.tar.gz.asc
+</pre></div>
+ <p>Apache Log4j 2.3.1 is signed
by Ralph Goers (B3D8E1BA)</p>
+ <p>Alternatively, you can
verify the SHA512 signature on the files. A Unix program called sha or
sha512sum is included in many Unix distributions.</p>
+
+
+
+
<div class="section">
<h3><a name="Previous_Releases"></a>Previous Releases</h3>
<p>All previous releases of Apache log4j can be found in the <a
class="externalLink"
href="http://archive.apache.org/dist/logging/log4j";>archive
repository</a>.</p></div>
