On Tue, Sep 15, 2015 at 11:59:20AM +0200, wolfgang.zt...@web.de wrote: > Hi, > > http://subversion.apache.org/download.cgi#supported-releases: > subversion-1.9.1.tar.bz2 2ba78f59b3669e461ef6f56326426918100e2073 > > but sha1sum gives: 1244a741dbcf24f2b1d165225f0159a0c994e37a > subversion-1.9.1.tar.bz2
1244a741dbcf24f2b1d165225f0159a0c994e37a is correct. I'll fix the website. Thanks for reporting this issue. > all 1.9.1 files, different mirrors checked, yesterday and now. > > nobody verifying their downloads? You could also use PGP if you've got a sufficient trust chain to one of the developer keys.
signature.asc
Description: PGP signature
