This is to announce guile-gnutls-5.0.1, a stable release. Guile-GnuTLS provides Guile bindings for the GnuTLS library.
There have been 17 commits by 2 people in the 15 hours since 5.0.0. See the NEWS below for a brief summary. Thanks to everyone who has contributed! The following people contributed changes to this release: Dariqq (3) Simon Josefsson (14) Happy Hacking, Simon ================================================================== Here is the Guile-GnuTLS home page: https://codeberg.org/guile-gnutls/guile-gnutls/ Manual: https://gsasl.gitlab.io/guile-gnutls/manual/ https://gsasl.gitlab.io/guile-gnutls/manual/gnutls-guile.html - HTML format https://gsasl.gitlab.io/guile-gnutls/manual/gnutls-guile.pdf - PDF format If you need help to use Guile-GnuTLS, or want to help others, you are invited to join our mailing list, see: https://lists.gnupg.org/mailman/listinfo/gnutls-help The release is available here: https://codeberg.org/guile-gnutls/guile-gnutls/releases/tag/v5.0.1 Here are the compressed sources and a GPG detached signature: https://ftp.gnu.org/gnu/gnutls/guile-gnutls-5.0.1.tar.gz https://ftp.gnu.org/gnu/gnutls/guile-gnutls-5.0.1.tar.gz.sig Here is minimal source-only "git archive" sources: https://ftp.gnu.org/gnu/gnutls/guile-gnutls-v5.0.1-src.tar.gz https://ftp.gnu.org/gnu/gnutls/guile-gnutls-v5.0.1-src.tar.gz.sig Here are Sigsum Proofs: https://ftp.gnu.org/gnu/gnutls/guile-gnutls-5.0.1.tar.gz.proof https://ftp.gnu.org/gnu/gnutls/guile-gnutls-v5.0.1-src.tar.gz.proof Use a mirror for higher download bandwidth: https://www.gnu.org/order/ftp.html https://ftpmirror.gnu.org/gnutls/guile-gnutls-5.0.1.tar.gz https://ftpmirror.gnu.org/gnutls/guile-gnutls-5.0.1.tar.gz.sig https://ftpmirror.gnu.org/gnutls/guile-gnutls-5.0.1.tar.gz.proof https://ftpmirror.gnu.org/gnutls/guile-gnutls-v5.0.1-src.tar.gz https://ftpmirror.gnu.org/gnutls/guile-gnutls-v5.0.1-src.tar.gz.sig https://ftpmirror.gnu.org/gnutls/guile-gnutls-v5.0.1-src.tar.gz.proof Here are the SHA1 and SHA256 checksums: c2b8474e170c4255df09f91b88ae62ac405d80a9 guile-gnutls-5.0.1.tar.gz zABn8+60IbwXJHFAlipJCG31RQ8NPnHFW/VBotK57ys= guile-gnutls-5.0.1.tar.gz 9725a700f1007330ea09f5837e6077f03d912db1 guile-gnutls-v5.0.1-src.tar.gz sZAEfO4Gj2sipejUnKSaJCWtRZOQG5rIlA+IQrp/Fk8= guile-gnutls-v5.0.1-src.tar.gz Verify the base64 SHA256 checksum with cksum -a sha256 --check from coreutils-9.2 or OpenBSD's cksum since 2007. Use a .sig file to verify that the corresponding file (without the .sig suffix) is intact. First, be sure to download both the .sig file and the corresponding tarball. Then, run a command like this: gpg --verify guile-gnutls-5.0.1.tar.gz.sig The signature should match the fingerprint of the following key: pub ed25519 2019-03-20 [SC] B1D2 BD13 75BE CB78 4CF4 F8C4 D73C F638 C53C 06BE uid Simon Josefsson <[email protected]> If that command fails because you don't have the required public key, or that public key has expired, try the following commands to retrieve or refresh it, and then rerun the 'gpg --verify' command. gpg --locate-external-key [email protected] gpg --recv-keys 51722B08FE4745A2 As a last resort to find the key, you can try the official GNU keyring: wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg gpg --keyring gnu-keyring.gpg --verify guile-gnutls-5.0.1.tar.gz.sig Use the .proof files to verify the Sigsum proof. These files are like signatures but with extra transparency: you can cryptographically verify that every signature is logged in a public append-only log, so you can say with confidence what signatures exists. This makes hidden releases no longer deniable for the same public key. Releases are Sigsum-signed with the following public key: cat <<EOF > jas-sigsum-key.pub ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILzCFcHHrKzVSPDDarZPYqn89H5TPaxwcORgRg+4DagE EOF Run a command like this to verify downloaded artifacts: wget -q -Otrust.txt https://gnu.org/s/gsasl/sigsum-policy-20250309.txt sigsum-verify -k jas-sigsum-key.pub -p trust.txt \ guile-gnutls-5.0.1.tar.gz.proof < guile-gnutls-5.0.1.tar.gz You may learn more about Sigsum concepts and find instructions how to download the tools here: https://www.sigsum.org/getting-started/ This release is based on the guile-gnutls git repository, available as git clone https://codeberg.org/guile-gnutls/guile-gnutls.git with commit 55eb81ee7bcd295695be08488b609e61b3bea695 tagged as v5.0.1. For a summary of changes and contributors, see: https://codeberg.org/guile-gnutls/guile-gnutls/compare/v5.0.0...v5.0.1 or run this command from a git-cloned guile-gnutls directory: git shortlog v5.0.0..v5.0.1 This release was bootstrapped with the following tools: Autoconf 2.71 Automake 1.16.5 Git 2.50.1 Gnulib 9297749090b01720888dceeb5f6dab3d52dcef40 Gzip 1.13 Libtoolize 2.4.7 Make 4.4.1 Makeinfo 7.1.1 Tar 1.34 Guix 8ee456e2bda8f72ccaf2398a1709a85e6e32d952 NEWS * Noteworthy changes in release 5.0.1 (2025-07-13) [stable] ** Build fixes for 32-bit platforms wrt time_t.
signature.asc
Description: PGP signature
_______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
