This is to announce inetutils-2.7, a stable release. GNU Networking Utilities (inetutils) contain traditional networking utilities, clients and servers, including ftp, telnet, inetd, rsh/rlogin, tftp, talk, syslogd, ping, traceroute, whois, hostname, dnsdomainname, ifconfig, and logger.
There have been 27 commits by 4 people in the 42 weeks since 2.6. See the NEWS below for a brief summary. Thanks to everyone who has contributed! The following people contributed changes to this release: Bruno Haible (1) Collin Funk (5) Erik Auerswald (5) Simon Josefsson (16) Happy Hacking, /Simon [on behalf of the inetutils maintainers] ================================================================== Here is the GNU inetutils home page: https://www.gnu.org/software/inetutils/ Here are the compressed sources and a GPG detached signature: https://ftpmirror.gnu.org/inetutils/inetutils-2.7.tar.gz https://ftpmirror.gnu.org/inetutils/inetutils-2.7.tar.gz.sig Here is minimal source-only "git archive" sources: https://ftp.gnu.org/gnu/inetutils/inetutils-v2.7-src.tar.gz https://ftp.gnu.org/gnu/inetutils/inetutils-v2.7-src.tar.gz.sig Here are Sigsum Proofs: https://ftp.gnu.org/gnu/inetutils/inetutils-2.7.tar.gz.proof https://ftp.gnu.org/gnu/inetutils/inetutils-v2.7-src.tar.gz.proof Use a mirror for higher download bandwidth: https://www.gnu.org/order/ftp.html Here are the SHA256 and SHA3-256 checksums: SHA256 (inetutils-2.7.tar.gz) = oVa+HN48XA/+/CYhgNk2mmBIQIeQeqVUxieH0vQOwIY= SHA3-256 (inetutils-2.7.tar.gz) = BfsYihHbL3E7LwuQZDyCRRo+jlN9LbhscaJ8bHyDObE= SHA256 (inetutils-v2.7-src.tar.gz) = 2gcjLO+9i0BWv4j1hPqOPFqe4Wzn2hgZX4RbnTI2oSY= SHA3-256 (inetutils-v2.7-src.tar.gz) = zeG70Vyex9W+VNdE2uGy8KXe/Pe54enyFDbS0vHkOp4= Verify the base64 SHA256 checksum with cksum -a sha256 --check from coreutils-9.2 or OpenBSD's cksum since 2007. Verify the base64 SHA3-256 checksum with cksum -a sha3 --check from coreutils-9.8. Use a .sig file to verify that the corresponding file (without the .sig suffix) is intact. First, be sure to download both the .sig file and the corresponding tarball. Then, run a command like this: gpg --verify inetutils-2.7.tar.gz.sig The signature should match the fingerprint of the following key: pub ed25519 2019-03-20 [SC] B1D2 BD13 75BE CB78 4CF4 F8C4 D73C F638 C53C 06BE uid Simon Josefsson <[email protected]> If that command fails because you don't have the required public key, or that public key has expired, try the following commands to retrieve or refresh it, and then rerun the 'gpg --verify' command. gpg --locate-external-key [email protected] gpg --recv-keys D73CF638C53C06BE wget -q -O- 'https://savannah.gnu.org/project/release-gpgkeys.php?group=inetutils&download=1' | gpg --import - As a last resort to find the key, you can try the official GNU keyring: wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg gpg --keyring gnu-keyring.gpg --verify inetutils-2.7.tar.gz.sig Use the .proof files to verify the Sigsum proof. These files are like signatures but with extra transparency: you can cryptographically verify that every signature is logged in a public append-only log, so you can say with confidence what signatures exists. This makes hidden releases no longer deniable for the same public key. Releases are Sigsum-signed with the following public key: cat <<EOF > inetutils-sigsum-key.pub ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILzCFcHHrKzVSPDDarZPYqn89H5TPaxwcORgRg+4DagE EOF Run a command like this to verify downloaded artifacts: sigsum-verify -k inetutils-sigsum-key.pub -P sigsum-generic-2025-1 \ inetutils-2.7.tar.gz.proof < inetutils-2.7.tar.gz You may learn more about Sigsum concepts and find instructions how to download the tools here: https://www.sigsum.org/getting-started/ This release is based on the inetutils git repository, available as git clone https://https.git.savannah.gnu.org/git/inetutils.git with commit 380e69a57239bce9cc6a9a9318bb92e001f31cac tagged as v2.7. For a summary of changes and contributors, see: https://gitweb.git.savannah.gnu.org/gitweb/?p=inetutils.git;a=shortlog;h=v2.7 or run this command from a git-cloned inetutils directory: git shortlog v2.6..v2.7 This release was bootstrapped with the following tools: Gnulib 2025-12-04 b3518f60173c907453ee5c7d439f967342de6d0c Autoconf 2.72 Automake 1.17 Bison 3.8.2 M4 1.4.19 Makeinfo 7.1.1 Help2man 1.49.2 Make 4.4.1 Gzip 1.14 Tar 1.35 Guix 1.4.0-47.21ce6b3 NEWS.md # Noteworthy changes in release 2.7 (2025-12-14) [stable] ** Systems without asprintf are now supported through the use of gnulib. ** Fix link errors on Solaris 11 OmniOS. ** ftpd: Expanded documentation of user authentication rules. Thanks to Benjamin Cathelineau, see <https://lists.gnu.org/archive/html/bug-inetutils/2025-10/msg00000.html>. ** syslogd: Fix a stack-based buffer overflow (CWE-121). ** syslogd: Log 'DEL' control characters as '^?'. ** Fix codespell typos. ** syslogd, talkd: Better compatibility with utmp-less GNU/Linux systems when configuring with --enable-systemd. Thanks to Valentin Haudiquet for reporting the issue and testing possible solutions. For more info, see the thread starting at <https://lists.gnu.org/archive/html/bug-inetutils/2025-11/msg00000.html>. ** README and NEWS now uses markdown syntax.
signature.asc
Description: PGP signature
