Paranoid people don't post to mailing lists.
On Jul 19, 2015 3:42 PM, "Lorenzo Donati" <
lorenzodonatibz@tiscali.it> wrote:
On 19/07/2015 21:32, Soni L. wrote:
On 19/07/15 04:05 PM, Lorenzo Donati wrote:
On 19/07/2015 20:56, Jonathan Goble wrote:
On Sun, Jul 19, 2015 at 2:47 PM, Lorenzo Donati
<lorenzodonatibz@tiscali.it> wrote:
On 19/07/2015 20:17, Ashwin Hirschi wrote:
http://www.lua.org/ftp/lua-5.3.1.tar.gz
I just downloaded that package and checked its signatures. I get a
mismatch for both:
MD5: 797adacada8d85761c079390ff1d9961
SHA1: 1676c6a041d90b6982db8cef1e5fb26000ab6dee
According to http://www.lua.org/download.html there is no mismatch.
Yep! Just checked. You're right!
So the signatures in the message of lhf I replied to are wrong. But
@Dirk
seems to have downloaded a package that matches these older
signatures so
there is a problem somewhere. Was the release repackaged for some
reason? I
haven't seen any announce in the list about that. Maybe I missed a
message
(I'm not too active on the list lately).
Cheers!
The 797ada... and 1676c6... checksums match the Lua 5.3.0 gzipped
tarball that I downloaded in early February.
Yep! Just checked!
So it seems Luiz put the wrong signatures in the original post. Funny
no-one came up with the issue before! :-)
Shows how much we care about security.
Let's say people here are not paranoid like me ;-) :-D
-- Lorenzo