Hi Till, I also believe that it's a problem with a single mirror. It was not a blocking problem for me; I just wanted you to be aware of it, in case you have some policy regarding the management of mirrors.
Best, Gianluca On Mon, 1 Oct 2018 at 14:27, Till Rohrmann <trohrm...@apache.org> wrote: > Hi Gianluca, > > I've downloaded flink-1.6.1-bin-scala_2.11.tgz from here [1] and verified > that the shasum512 and the signature are both correct. > > The only way I could explain this is that either your downloaded artifacts > or the mirror you got the binaries from got corrupted. > > [1] https://dist.apache.org/repos/dist/release/flink/flink-1.6.1/ > > Cheers, > Till > > On Mon, Oct 1, 2018 at 12:07 PM Gianluca Ortelli < > gianl...@mediadistillery.com> wrote: > >> Hi Fabian, >> >> the mirror is >> https://www.apache.org/dyn/closer.lua/flink/flink-1.6.1/flink-1.6.1-bin-scala_2.11.tgz >> >> I just tried a download and the hash is still wrong: it should be >> >> >> d0153bad859e3c2da7e73299837f95670279b3102a0982809f56eb61875908a10120e82bc2dca59972e912c0221cbbfd01f4cd1128a92dd37358e28fe1f76f2f >> >> but instead it's >> >> >> 9b4ceb7ad59df27ea4c12d15845165dcf64675a26161d502d399234ae237f40f719ab6da4fac7ba210a20aa82364b5ac0377b06a1324e21516198b7a23b5d19c >> >> Best regards, >> Gianluca >> >> >> On Mon, 1 Oct 2018 at 11:59, Fabian Hueske <fhue...@gmail.com> wrote: >> >>> Hi Gianluca, >>> >>> I tried to validate the issue but hash and signature are OK for me. >>> >>> Do you remember which mirror you used to download the binaries? >>> >>> Best, Fabian >>> >>> >>> Am Sa., 29. Sep. 2018 um 17:24 Uhr schrieb vino yang < >>> yanghua1...@gmail.com>: >>> >>>> Hi Gianluca, >>>> >>>> This is very strange, Till may be able to give an explanation, because >>>> it is the release manager of this version. >>>> >>>> Thanks, vino. >>>> >>>> Gianluca Ortelli <gianl...@mediadistillery.com> 于2018年9月28日周五 下午4:02写道: >>>> >>>>> Hi, >>>>> >>>>> I just downloaded flink-1.6.1-bin-scala_2.11.tgz from >>>>> https://flink.apache.org/downloads.html and noticed that it fails >>>>> signature verification with a >>>>> >>>>> gpg: BAD signature from "Till Rohrmann (stsffap) <trohrm...@apache.org >>>>> >" >>>>> >>>>> message. The sha512 hash doesn't match either. >>>>> >>>>> I switched to 1.6.0, which verifies OK. >>>>> >>>>> Best regards, >>>>> Gianluca >>>>> >>>>
