[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

tar-1.34 released [stable]

From: Sergey Poznyakoff
Subject: tar-1.34 released [stable]
Date: Sat, 13 Feb 2021 13:56:39 +0200


This is to inform you that GNU tar version 1.34 is available for
download. This release includes the following bugfixes:

  * Fix extraction over pipe (savannah bug #60002)

  * Fix memory leak in read_header (savannah bug #59897)

  * Fix extraction when . and .. are unreadable


  * Gracefully handle duplicate symlinks when extracting


  * Re-initialize supplementary groups when switching to user privileges

Here are the compressed sources:   (4.2MB)   (2.9MB)   (2.2MB)   (4.2MB)

Here are the GPG detached signatures[*]:

Use a mirror for higher download bandwidth:

Here are the MD5 and SHA1 checksums:

9d5949e4c2d9665546ac65dafc0e726a  tar-1.34.tar.gz
a71ced6d422c4905f2547fc9b0c869e3  tar-1.34.tar.bz2
9a08d29a9ac4727130b5708347c0f5cf  tar-1.34.tar.xz
431a5c3f4fa9812a5f3c216939f68357  tar-1.34.cpio.gz
974e5b798ffa61de8fba55bc9185cdfdcb7c0bcb  tar-1.34.tar.gz
5bae4a431c4da46d50c772f377bfc204e22fecf2  tar-1.34.tar.bz2
bb9d853e10d0753fe9063914401a7e164d51a0f0  tar-1.34.tar.xz
85d9e7e7038bcbaad9c7ef55c47fc96d6be9115e  tar-1.34.cpio.gz

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify tar-1.34.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

  gpg --keyserver --recv-keys 3602B07F55D0C732

and rerun the 'gpg --verify' command.

Best regards,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]