release checksum issue related to xdelta file, how to check .sig files (was: Emacs 22.2 released)

From: Joe Wells
Subject: release checksum issue related to xdelta file, how to check .sig files (was: Emacs 22.2 released)
Date: 31 Mar 2008 11:09:22 -0400

>>>>> "Chong" == Chong Yidong <cyd@stupidchicken.com> writes:

  Chong> GNU Emacs 22.2 has been released, and is now available at
  Chong> ftp.gnu.org/gnu/emacs/ and the GNU FTP mirrors (see
  Chong> http://www.gnu.org/order/ftp.html).

  Chong> The MD5 check-sum is the following:

  Chong>   d6ee586b8752351334ebf072904c4d51  emacs-22.2.tar.gz

When using the emacs-22.1-22.2.xdelta patch to build emacs-22.2.tar.gz
from emacs-22.1.tar.gz, I get a *different* emacs-22.2.tar.gz file,
because it has been compressed differently.  (The contents are the same,
as revealed by "gunzip -c emacs-22.2.tar.gz | md5sum".)  This causes two

1. The above checksum can not be used to verify the generated file.  (This
   could be solved by also informing us of the MD5 checksum of the
   ungzipped file, but problem #2 below indicates this is probably not
   worth it.)

2. The emacs-22.2.tar.gz generated by xdelta will presumably not be usable
   as the basis for the next release.  There are two different
   emacs-22.2.tar.gz files, and the one generated by xdelta is different.
   Presumably, the next xdelta patch will be generated using the standard
   one, so one will not be able to use xdelta to upgrade two versions in a

I'm not sure what the solution to this is.  It is important that the
.tar.gz file generated by xdelta is the same as the .tar.gz file
distributed by FTP, or there will be problems.

Joe Wells
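
The mismatch described in this message, shown as an added example that is not part of the original post: two gzip files holding the same payload have different file checksums, while a digest of the decompressed stream (the `gunzip -c ... | md5sum` check) agrees. The file names, the constructed payload and the function names are assumptions made for illustration; pass `algo="md5"` to match the checksum type used in the announcement.

```python
import gzip
import hashlib
import os
import tempfile

CHUNK = 1 << 16

def _digest(stream, algo):
    h = hashlib.new(algo)
    for block in iter(lambda: stream.read(CHUNK), b""):
        h.update(block)
    return h.hexdigest()

def file_digest(path, algo="sha256"):
    """Digest of the .gz bytes as stored: what a published file checksum covers."""
    with open(path, "rb") as f:
        return _digest(f, algo)

def payload_digest(path, algo="sha256"):
    """Digest of the decompressed stream, like `gunzip -c path | md5sum`."""
    with gzip.open(path, "rb") as f:
        return _digest(f, algo)

def compare(a, b, algo="sha256"):
    """Return (same_file_bytes, same_payload) for two .gz files."""
    return (file_digest(a, algo) == file_digest(b, algo),
            payload_digest(a, algo) == payload_digest(b, algo))

def make_demo_pair(directory):
    """Constructed sample: one payload gzipped two ways (level and mtime differ)."""
    payload = b"constructed stand-in for a tar archive\n" * 4096
    paths = []
    for name, level, mtime in (("ftp.tar.gz", 9, 1206900000),
                               ("xdelta.tar.gz", 1, 0)):
        path = os.path.join(directory, name)
        with open(path, "wb") as raw, gzip.GzipFile(
                filename="", mode="wb", compresslevel=level,
                fileobj=raw, mtime=mtime) as gz:
            gz.write(payload)
        paths.append(path)
    return paths

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        ftp, rebuilt = make_demo_pair(d)
        same_file, same_payload = compare(ftp, rebuilt)
        print("file checksums match:   ", same_file)
        print("payload checksums match:", same_payload)
```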

