Dear Qpid developers, (please CC to me as I'm not subscribed to the list)
I have trouble verifying the qpid-cpp and qpid-tools source packages, neither via SHA1 checksums nor via GPG signatures. This is what I got via download: # sha1sum qpid-* 624812ace82f4be40d0857c08fb4a52acf9abcf1 qpid-cpp-0.34.tar.gz dfaec3b586c2d74f4e76ab03de2d7436affe0ad6 qpid-tools-0.32.tar.gz But these are the expected SHA1 checksums: d89668759c3d28a2dd762ba607e889da98169754 qpid-cpp-0.34.tar.gz 73fbd686138079e438636523afd0b9d0e8c16ee8 qpid-tools-0.32.tar.gz Am I the only one with that issue? Is this purely on my side? Or, are there some malicious download mirrors in place? Or, is there a bug within the Qpid release process? Regards, Volker -- Volker Diels-Grabsch ----<<<((()))>>>---- --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
