This pages linked to below contain a listing of MD5 and SHA1 checksums for the source code of PostgreSQL, an open source relational database management system. (Also referred to as simply "Postgres"). The source code is available as a series of gzipped and bzipped tarballs. Instead of signing each tarball, I have signed messages containing the validated checksum for each file. This makes it easier to verify the source code to other people who do not have GnuPG or who do not have my public key. It also allows people to spot bad checksums on the various Postgres mirrors. If you do come across a bad checksum, please let me know right away.
This process only verifies that the files were checked by me to have the proper checksum, and does not mean that I have personally checked every line in the source code for Postgres. However, I am fairly certain that any problem would be quickly found. This page will be updated if any version of Postgres is ever found to have a problem.
It is strongly recommended that you run the most recent version in your branch.
To verify the files, you will need to do two things:
gpg --verify pgfile.gpg.txt(assuming that you saved the file as pgfile.gpg.txt of course). If you do not receive a message stating that the file has a good signature, please send me an email and I will help you out.
md5sum filenameor by running
sha1sum filenameCompare the output of that command to the checksums listed in the text file that you downloaded from before. You can also check all the files at once by running
md5sum --check pgfile.gpg.txt or... sha1sum --check pgfile.gpg.txt
The following versions were released on February 27, 2012: