On Tue, May 17, 2016 at 5:16 AM, Vladimir Prus
On 13/05/2016 15:07, Rene Rivera wrote:
Release 1.61.0 of the Boost C++ Libraries is now available.
For details, including download links, see
http://www.boost.org/users/news/version_1.61.0
You can also download directly from SourceForge: http://sourceforge.net/projects/boost/files/boost/1.61.0/
You can optionally verify integrity of the source downloads using the attached signed checksums file.
First, verify your downloads have the right checksums, by putting the file alongside the downloads, and running:
$ sha256sum -c boost_1_61_0.sums.asc
This should produce "OK" message for each source archive you have available.
This step fails, in the boost_1_61_0.sums.asc file the file names have boost_1_61.0.* instead of boost_1_61_0.* (note the . replacing an _ ). Manually verifying the checksums
Second, verify that the checksums file itself was not modified:
$ gpg --keyserver pgp.mit.edu --recv DA472E8659753BA4 $ gpg --verify boost_1_61_0.sums.asc
If everything is good, this should say "Good Signature" and also report these key fingerprints:
Primary key fingerprint: C5F0 F367 AA66 616F B839 806E DA47 2E86 5975 3BA4 Subkey fingerprint: 7805 7A0D 045A 2DC5 5453 BD81 0F1A 3ECD 4EAC 2316
You might want to trust they key for future use if fingerprints match.
I get a good verification on the file. Tom