Use the links below to download Apache VCL from one of our mirrors. You must verify the integrity of the downloaded files using signatures downloaded from our main distribution directory, not from a mirror.
Only current recommended releases are available on the main distribution site and its mirrors. Older releases are available from the archive download site.
Stable Release - Latest Version:
- (Apache VCL 2.4.1 was never officially released)
- (Apache VCL 2.4 was never officially released)
- apache-VCL-2.3.2.tar.bz2 (released 2013-03-25)
- apache-VCL-2.2.2.tar.bz2 (released 2013-03-25)
- apache-VCL-2.3.1.tar.bz2 (released 2012-12-20)
- apache-VCL-2.3.tar.bz2 (released 2012-07-20)
- apache-VCL-2.2.1-incubating.tar.bz2 (released 2011-04-08)
- apache-VCL-2.2-incubating.tar.bz2 (released 2010-10-05)
- apache-VCL-2.1-incubating.tar.bz2 (released 2009-12-04)
The currently selected mirror is http://www.eng.lsu.edu/mirrors/apache/. If you encounter a problem with this mirror, please select another mirror. If all mirrors are failing, there are backup mirrors (at the end of the mirrors list) that should be available.
You may also consult the complete list of mirrors.
Verifying the integrity of the files
It is essential that you verify the integrity of the downloaded files using the PGP or MD5 signatures. Security of the mirrors cannot be guaranteed, which means malicious code could be added to the downloads from the mirrors. By verifying the integrity of downloaded release files, you ensure they have not been tainted.
Run the following command to verify the MD5 sum. It should give output similar to "apache-VCL-2.4.2.tar.bz2: OK":
md5sum -c apache-VCL-2.4.2.tar.bz2.md5
Similarly, run the following command to verify the SHA1 sum. You should get output similar to "apache-VCL-2.4.2.tar.bz2: OK":
sha1sum -c apache-VCL-2.4.2.tar.bz2.sha1
To verify the GPG signature (you'll need to have GnuPG installed):
download and import the VCL KEYS file (if you've imported the KEYS file for previously releases, you do not need to import it again):
gpg --import KEYS
download the GPG Signature to the same location as the release file
from the directory containing both the release file and the GPG signature, run
gpg --verify apache-VCL-2.4.2.tar.bz2.asc
For new installs, visit the on-line installation guide:
- Apache VCL 2.3.2 Installation Guide
- Apache VCL 2.3.1 Installation Guide
- Apache VCL 2.3 Installation Guide
- Apache VCL 2.2.1 Installation Guide
- Apache VCL 2.2 Installation Guide
- Apache VCL 2.1 Installation Guide
For upgrades, visit the on-line upgrade guide:
Upgrade to latest version:
Upgrade to 2.3.2
Upgrade to 2.2.2:
Upgrade really old versions to older versions:
See the release notes page for information about each release.
See the change log page for changes made in each release.