[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
cpio-2.14 released [stable]
From: |
Sergey Poznyakoff |
Subject: |
cpio-2.14 released [stable] |
Date: |
Mon, 01 May 2023 21:10:21 +0200 |
User-agent: |
MH (GNU Mailutils 3.15) |
Hello,
Please be informed that GNU cpio version 2.14 is available for
download. See end of this message for the list of noteworthy
changes in this release.
Here are the compressed sources:
https://ftp.gnu.org/gnu/cpio/cpio-2.14.tar.gz (2.1MB)
https://ftp.gnu.org/gnu/cpio/cpio-2.14.tar.bz2 (1.5MB)
Here are the GPG detached signatures[*]:
https://ftp.gnu.org/gnu/cpio/cpio-2.14.tar.gz.sig
https://ftp.gnu.org/gnu/cpio/cpio-2.14.tar.bz2.sig
Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html
Here are the SHA1 and SHA256 checksums:
f304fe18df5af642c87f240dd5631bfcee9ba8ed cpio-2.14.tar.gz
FFo0D9nVXwuEd5pEoS1fedd8mWY5Z/jPoWjXkFylJFQ cpio-2.14.tar.gz
cbac50a61079b6f3bdcf9ffe42171d9257cfe877 cpio-2.14.tar.bz2
/NwV1g9yZ6b8fvzWudt7bIlmxPL7u5ZMJNQTNv0/LBI cpio-2.14.tar.bz2
Verify the base64 SHA256 checksum with cksum -a sha256 --check
from coreutils-9.2 or OpenBSD's cksum since 2007.
[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:
gpg --verify cpio-2.14.tar.gz.sig
If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to update
or refresh it, and then rerun the 'gpg --verify' command.
gpg --recv-keys 3602B07F55D0C732
Noteworthy changes in this release:
* New option --ignore-dirnlink
Valid in copy-out mode, it instructs cpio to ignore the actual number
of links reported for each directory member and always store 2
instead.
* Changes in --reproducible option
The --reproducible option implies --ignore-dirlink. In other words,
it is equivalent to --ignore-devno --ignore-dirnlink --renumber-inodes.
* Use GNU ls algorithm for deciding timestamp format in -tv mode
* Bugfixes
** Fix cpio header verification.
** Fix handling of device numbers on copy out.
** Fix calculation of CRC in copy-out mode.
** Rewrite the fix for CVE-2015-1197.
** Fix combination of --create --append --directory.
** Fix appending to archives bigger than 2G.
Regards,
Sergey
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- cpio-2.14 released [stable],
Sergey Poznyakoff <=