This is a bug fix release for version 4.8.0
Integrity Check
All available JAR files in this release are signed via this GPG key.
For more information about the GPG public key, please refer to: Integrity Check.
From the download listings below you should see links to the downloadable jar files as well as sig signature files. To verify the authenticity of any jar file, grab the jar and sig files with the same prefix name and then execute the verification process: GPG signature verification