[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

cpio-2.13 released [stable]

From: Sergey Poznyakoff
Subject: cpio-2.13 released [stable]
Date: Wed, 06 Nov 2019 10:28:35 +0200


This is to inform you that GNU cpio version 2.13 is available for download.
This stable release fixes several potential vulnerabilities, namely:
CVE-2015-1197, CVE-2016-2037, CVE-2019-14866.

Here are the compressed sources:    (1.9MB)   (1.3MB)

Here are the GPG detached signatures[*]:

Use a mirror for higher download bandwidth:

Here are the MD5 and SHA1 checksums:

389c5452d667c23b5eceb206f5000810  cpio-2.13.tar.gz
f3438e672e3fa273a7dc26339dd1eed6  cpio-2.13.tar.bz2
9568076fd23fb9bc00d32ee458bb2231d5254e40  cpio-2.13.tar.gz
4dcefc0e1bc36b11506a354768d82b15e3fe6bb8  cpio-2.13.tar.bz2

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify cpio-2.13.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

  gpg --keyserver --recv-keys 3602B07F55D0C732

and rerun the 'gpg --verify' command.

Best regards,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]