info-gnu
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

libidn2-2.3.4 released [stable]

From: Simon Josefsson
Subject: libidn2-2.3.4 released [stable]
Date: Sun, 23 Oct 2022 16:10:44 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) 
We are happy to announce a new release of libidn2!

Libidn2 is a free software implementation of IDNA2008, Punycode and
Unicode TR46.  Its purpose is to encode and decode internationalized
domain names.

Here are the compressed sources and a GPG detached signature:
  https://ftpmirror.gnu.org/libidn/libidn2-2.3.4.tar.gz
  https://ftpmirror.gnu.org/libidn/libidn2-2.3.4.tar.gz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

Here are the SHA1 and SHA256 checksums:

096e2f170fabdfd7011a1848a43e0fca49e3f2e5  libidn2-2.3.4.tar.gz
k8q6crTgUdH41PWgdqtjyZt3+u4Bm3K5eDsmeYbbtF8  libidn2-2.3.4.tar.gz

The SHA256 checksum is base64 encoded, instead of the
hexadecimal encoding that most checksum tools default to.

Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify libidn2-2.3.4.tar.gz.sig

The signature should match the fingerprint of the following key:

  pub   ed25519 2019-03-20 [SC]
        B1D2 BD13 75BE CB78 4CF4  F8C4 D73C F638 C53C 06BE
  uid   Simon Josefsson <simon@josefsson.org>

If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to retrieve
or refresh it, and then rerun the 'gpg --verify' command.

  gpg --locate-external-key simon@josefsson.org

  gpg --recv-keys 51722B08FE4745A2

  wget -q -O- 
'https://savannah.gnu.org/project/release-gpgkeys.php?group=libidn2&download=1' 
| gpg --import -

As a last resort to find the key, you can try the official GNU
keyring:

  wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
  gpg --keyring gnu-keyring.gpg --verify libidn2-2.3.4.tar.gz.sig


This release was bootstrapped with the following tools:
  Gnulib v0.1-5534-g2118e7cf12
  Autoconf 2.71
  Automake 1.16.5
  Libtoolize 2.4.6
  Make 4.3
  Makeinfo 6.7
  Help2man 1.48.1
  Gperf 3.1
  Gengetopt 2.23
  Gtkdocize 1.33.1
  Tar 1.34
  Gzip 1.10

NEWS

* Noteworthy changes in release 2.3.4 (2022-10-23) [stable]

** Support for Unicode 15.0.0.  Closes: #112.
We now uses Unicode.org's IDNA2008 tables rather than IANA's.  See
<https://gitlab.com/libidn/libidn2/-/issues/112> and
<https://lists.gnu.org/archive/html/help-libidn/2022-10/msg00000.html>
for rationale, which can be summarized into 1) IANA are still on
2019-era Unicode version 12 and we wish to support Unicode version
12-15, 2) consistency with some other implementations, 3) the only
incompatibility related to U+19DA is deemed to have minor real-world
consequences.  Thus we break backwards compatibility for U+19DA in
this release compared against libidn2 0.11..2.3.3 thus reverting back
to the libidn2 <= 0.11 behaviour.  We decided to not bump ABI version
and believe this is the best choice going forward as well for minor
internal non-API related ABI changes.

** Gnulib updated and now libunistring-optional is used.
This allows you to force libidn2 to use internal libunistring with the
following command: ./configure --with-included-libunistring

Happy hacking,
Simon

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]