date:20230501

mailutils-3.16 released [stable]

2023-05-01 Thread Sergey Poznyakoff

Hello,

Please be informed that GNU mailutils version 3.16 is available for
download.  This is mainly a bug-fixing release.  See below for a brief
summary of changes.

Here are the compressed sources:
  https://ftp.gnu.org/gnu/mailutils/mailutils-3.16.tar.gz   (7.6MB)
  https://ftp.gnu.org/gnu/mailutils/mailutils-3.16.tar.bz2  (5.1MB)
  https://ftp.gnu.org/gnu/mailutils/mailutils-3.16.tar.xz   (3.1MB)

Here are the GPG detached signatures:
  https://ftp.gnu.org/gnu/mailutils/mailutils-3.16.tar.gz.sig
  https://ftp.gnu.org/gnu/mailutils/mailutils-3.16.tar.bz2.sig
  https://ftp.gnu.org/gnu/mailutils/mailutils-3.16.tar.xz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

Here are the SHA1 and SHA256 checksums:

  8ae95c963bfe0bbecd54f7191292b0b9029b9561  mailutils-3.16.tar.gz
  oDSvXwLHN22n3TJRu8I/AQAbIlVkUKr/5h4ryrG2D+8=  mailutils-3.16.tar.gz
  79d927d8f774d14be277ef374fa3059672a473d9  mailutils-3.16.tar.bz2
  8mk82KAnZRLqtYv7LJyWKLHW9HKvOkS1eRlsd3s7Buw=  mailutils-3.16.tar.bz2
  a509cf6356b665b3a2f7dc5ebcdbdf90c187819a  mailutils-3.16.tar.xz
  BB0VjTCMA3YYQ4jpyTbPqEGlHNwl1Nt1mEp3Gj+gAsA=  mailutils-3.16.tar.xz

Verify the base64 SHA256 checksum with cksum -a sha256 --check
from coreutils-9.2 or OpenBSD's cksum since 2007.

Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify mailutils-3.16.tar.gz.sig

If that command fails because you don't have the required public key,
try the following command to retrieve it, and then rerun the 'gpg
--verify' command.

  gpg --recv-keys 3602B07F55D0C732

As a last resort to find the key, you can try the official GNU
keyring:

  wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
  gpg --keyring gnu-keyring.gpg --verify mailutils-3.16.tar.gz.sig

Noteworthy changes in this release:

* rdcache streams: fix stream size computation

* tlsfdstr streams: fix error handling

* wordwrap streams: fix handling of overflowing lines

Best regards,
Sergey

cpio-2.14 released [stable]

2023-05-01 Thread Sergey Poznyakoff

Hello,

Please be informed that GNU cpio version 2.14 is available for
download.  See end of this message for the list of noteworthy
changes in this release.

Here are the compressed sources:
  https://ftp.gnu.org/gnu/cpio/cpio-2.14.tar.gz(2.1MB)
  https://ftp.gnu.org/gnu/cpio/cpio-2.14.tar.bz2   (1.5MB)

Here are the GPG detached signatures[*]:
  https://ftp.gnu.org/gnu/cpio/cpio-2.14.tar.gz.sig
  https://ftp.gnu.org/gnu/cpio/cpio-2.14.tar.bz2.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

Here are the SHA1 and SHA256 checksums:

f304fe18df5af642c87f240dd5631bfcee9ba8ed  cpio-2.14.tar.gz
FFo0D9nVXwuEd5pEoS1fedd8mWY5Z/jPoWjXkFylJFQ  cpio-2.14.tar.gz
cbac50a61079b6f3bdcf9ffe42171d9257cfe877  cpio-2.14.tar.bz2
/NwV1g9yZ6b8fvzWudt7bIlmxPL7u5ZMJNQTNv0/LBI  cpio-2.14.tar.bz2

Verify the base64 SHA256 checksum with cksum -a sha256 --check
from coreutils-9.2 or OpenBSD's cksum since 2007.

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify cpio-2.14.tar.gz.sig

If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to update
or refresh it, and then rerun the 'gpg --verify' command.

  gpg --recv-keys 3602B07F55D0C732

Noteworthy changes in this release:

* New option --ignore-dirnlink

Valid in copy-out mode, it instructs cpio to ignore the actual number
of links reported for each directory member and always store 2
instead.

* Changes in --reproducible option

The --reproducible option implies --ignore-dirlink.  In other words,
it is equivalent to --ignore-devno --ignore-dirnlink --renumber-inodes.

* Use GNU ls algorithm for deciding timestamp format in -tv mode

* Bugfixes

** Fix cpio header verification.

** Fix handling of device numbers on copy out.

** Fix calculation of CRC in copy-out mode.

** Rewrite the fix for CVE-2015-1197.

** Fix combination of --create --append --directory.

** Fix appending to archives bigger than 2G.

Regards,
Sergey

mailutils-3.16 released [stable]

cpio-2.14 released [stable]

2 matches

Site Navigation

Mail list logo

Footer information