I have downloaded ROOT binary installer from https://root.cern/download/root_v6.32.00.win64.vc17.exe. When running the executable Windows prompts that the executable is untrusted. Checking the executable shows that it’s not signed.
Is it possible to sign the executables to ensure that they haven’t been modified?
Maybe at the least provide some MD5 hashes on the website so that I can compare the downloaded executable to the hash?
Welcome to the ROOT Forum!
Thank you for posting, we are aware of the issue and working on a solution…
Great! Thanks for the update.
I just downloaded the latest release and found the same issue. See the following image.
Is there a ticketing system or other way that I can track the progress of this work?
@ferhue :
I couldn’t find an existing bug report for this. I was in the process of opening a new one and it asked me if I had checked Jira for a duplicate. I clicked on the link provided and I get the following message:
No worries, JIRA is an old bug tracking system that is no longer public. Go ahead without checking that.
@ferhue : Will do. Thanks!
Opened bug report in GitHub. I can’t link directly but the the issue ID is #15896.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
