Facebook Mirror

Apache Software Foundation Distribution Directory

The directories linked below contain current software releases from the Apache Software Foundation projects. Older non-recommended releases can be found on our archive site.

To find the right download for a particular project, you should start at the project's own webpage or on our project resource listing rather than browsing the links below.

Please do not download from apache.org! If you are currently at apache.org and would like to browse, please instead visit a nearby mirror site.

Projects

      Name                                                    Last modified       Size  


[DIR] Parent Directory                                        11-Oct-2008 12:19      -  
[DIR] abdera/                                                 11-Apr-2008 10:48      -  
[DIR] buildr/                                                 24-Jul-2008 13:39      -  
[DIR] couchdb/                                                16-Aug-2008 09:11      -  
[DIR] cxf/                                                    10-Apr-2008 16:32      -  
[DIR] nmaven/                                                 30-Mar-2008 05:00      -  
[DIR] pig/                                                    10-Sep-2008 14:33      -  
[DIR] qpid/                                                   01-Oct-2008 05:32      -  
[DIR] river/                                                  15-Feb-2008 07:28      -  
[DIR] sanselan/                                               30-Jul-2008 03:22      -  
[DIR] sling/                                                  23-Jun-2008 04:45      -  
[DIR] tika/                                                   07-Jan-2008 07:57      -  
[DIR] tuscany/                                                04-Feb-2008 07:56      -  
[DIR] uima/                                                   12-Aug-2008 03:44      -  
[TXT] README.html                                             17-Sep-2008 21:12     2k

Verify downloaded artefacts

It is essential that you verify the integrity of the downloaded files using the MD5 and PGP signatures. MD5 verification ensures the file was not corrupted or tampered with. PGP verification ensures that the file came from a certain person.

Each project will probably have its own instructions on its download page. If not, then the following notes will help.

PGP signature

The PGP signatures can be verified using PGP or GPG. First download the project's KEYS file as well as the *.asc signature file for the particular artefact. It is important that you get these files from the ultimate trusted source - the main ASF distribution site, rather than from a mirror. Then verify the signatures using ... 

% pgpk -a KEYS
% pgpv apache-podling-X.Y-incubating-src.tar.gz.asc

or

% pgp -ka KEYS
% pgp apache-podling-X.Y-incubating-src.tar.gz.asc

or

% gpg --import KEYS
% gpg --verify apache-podling-X.Y-incubating-src.tar.gz.asc

MD5 checksum

To verify the MD5 checksum on the files, you need to use a program called md5 or md5sum, which is included in many unix distributions. It is also available as part of GNU Textutils. Windows users can get binary md5 programs from here, here, or here or an openssl client from here. 

% md5sum apache-podling-X.Y-incubating-src.tar.gz
... output should match the string in apache-podling-X.Y-incubating-src.tar.gz.md5

We strongly recommend that you verify your downloads with both PGP and MD5.