Long time, no release! Happy hacking, Simon
Here are the compressed sources and a GPG detached signature: https://alpha.gnu.org/gnu/gss/gss-1.0.4.tar.gz https://alpha.gnu.org/gnu/gss/gss-1.0.4.tar.gz.sig Use a mirror for higher download bandwidth: https://www.gnu.org/order/ftp.html Here are the SHA1 and SHA256 checksums: d53fc821d2ef6fd783e24395a2c32edd5370af52 gss-1.0.4.tar.gz 7M6r3vTK4/znIYsuy4PrQifbpEtTthuMKy6IrgJBnHM gss-1.0.4.tar.gz The SHA256 checksum is base64 encoded, instead of the hexadecimal encoding that most checksum tools default to. Use a .sig file to verify that the corresponding file (without the .sig suffix) is intact. First, be sure to download both the .sig file and the corresponding tarball. Then, run a command like this: gpg --verify gss-1.0.4.tar.gz.sig The signature should match the fingerprint of the following key: pub ed25519 2019-03-20 [SC] B1D2 BD13 75BE CB78 4CF4 F8C4 D73C F638 C53C 06BE uid Simon Josefsson <[email protected]> If that command fails because you don't have the required public key, or that public key has expired, try the following commands to retrieve or refresh it, and then rerun the 'gpg --verify' command. gpg --locate-external-key [email protected] gpg --recv-keys 51722B08FE4745A2 wget -q -O- 'https://savannah.gnu.org/project/release-gpgkeys.php?group=gss&download=1' | gpg --import - As a last resort to find the key, you can try the official GNU keyring: wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg gpg --keyring gnu-keyring.gpg --verify gss-1.0.4.tar.gz.sig This release was bootstrapped with the following tools: Autoconf 2.71 Automake 1.16.5 Libtoolize 2.4.6 Gnulib v0.1-5347-gc0c72120f Makeinfo 6.7 Help2man 1.48.1 Gengetopt 2.23 Gtkdocize 1.33.1 Tar 1.34 Gzip 1.10 NEWS * Noteworthy changes in release 1.0.4 (2022-08-06) [beta] ** Modernize build infrastructure. ** Relicense library to LGPLv3+|GPLv2+, see COPYING.
signature.asc
Description: PGP signature
