while trying to verify my download of beanshell 2.1.1 from [1] i tried to check the sha-sums and was surprised, finding only sha1sum-hashes. These seem to be vulnerable (compare eg [2]). Using SHA-2 hashes (eg sha512sum) is recommended.
You provide sha1 and sha512 for version 2.0b6.
REQUEST:
Would it be possible to provide sha512sums also for v 2.1.1?
while trying to verify my download of beanshell 2.1.1 from [1] i tried to check the sha-sums and was surprised, finding only sha1sum-hashes. These seem to be vulnerable (compare eg [2]). Using SHA-2 hashes (eg sha512sum) is recommended.
You provide sha1 and sha512 for version 2.0b6.
REQUEST: Would it be possible to provide sha512sums also for v 2.1.1?
Thanks in advance.
[1] https://github.com/beanshell/beanshell/releases
[2] https://en.wikipedia.org/wiki/Sha1sum