coreutils @ Savannah: coreutils-9.5 released [stable]

This is to announce coreutils-9.5, a stable release.

See the NEWS below for a summary of changes.

There have been 187 commits by 18 people in the 30 weeks since 9.4.

Thanks to everyone who has contributed!

The following people contributed changes to this release:

Aearil (1) Petr Malat (1)

Bruno Haible (3) Pádraig Brady (75)

Christian Göttsche (1) Samuel Tardieu (1)

Collin Funk (4) Stephane Chazelas (1)

Daan De Meyer (1) Stephen Kitt (1)

Greg Wooledge (1) Sylvestre Ledru (3)

Grisha Levit (2) Ville Skyttä (1)

Michel Lind (1) dann frazier (1)

Paul Eggert (89) lvgenggeng (1)

Pádraig [on behalf of the coreutils maintainers]

==================================================================

Here is the GNU coreutils home page:

https://gnu.org/s/coreutils/

For a summary of changes and contributors, see:

https://git.sv.gnu.org/gitweb/?p=coreutils.git;a=shortlog;h=v9.5

or run this command from a git-cloned coreutils directory:

git shortlog v9.4..v9.5

Here are the compressed sources:

https://ftp.gnu.org/gnu/coreutils/coreutils-9.5.tar.gz (15MB)

https://ftp.gnu.org/gnu/coreutils/coreutils-9.5.tar.xz (5.8MB)

Here are the GPG detached signatures:

https://ftp.gnu.org/gnu/coreutils/coreutils-9.5.tar.gz.sig

https://ftp.gnu.org/gnu/coreutils/coreutils-9.5.tar.xz.sig

Use a mirror for higher download bandwidth:

https://www.gnu.org/order/ftp.html

Here are the SHA1 and SHA256 checksums:

3285114d93b39e5e4643b0846f570203a5e4c97b coreutils-9.5.tar.gz

dnrmoilQ7ELzul98Heed0ngA7o6bhkLaXe21l0oXQeU= coreutils-9.5.tar.gz

867fed7ce2ee15c5150a355a5f3a3b50578cf78d coreutils-9.5.tar.xz

zTKO3qyS9qZl3p8yPJO3Eq8YWLwuDYjz9xAEaUcKG4o= coreutils-9.5.tar.xz

Verify the base64 SHA256 checksum with cksum -a sha256 --check

from coreutils-9.2 or OpenBSD's cksum since 2007.

Use a .sig file to verify that the corresponding file (without the

.sig suffix) is intact. First, be sure to download both the .sig file

and the corresponding tarball. Then, run a command like this:

gpg --verify coreutils-9.5.tar.gz.sig

The signature should match the fingerprint of the following key:

pub rsa4096/0xDF6FD971306037D9 2011-09-23 [SC]

Key fingerprint = 6C37 DC12 121A 5006 BC1D B804 DF6F D971 3060 37D9

uid [ultimate] Pádraig Brady P@draigBrady.com

uid [ultimate] Pádraig Brady pixelbeat@gnu.org

If that command fails because you don't have the required public key,

or that public key has expired, try the following commands to retrieve

or refresh it, and then rerun the 'gpg --verify' command.

gpg --locate-external-key P@draigBrady.com

gpg --recv-keys DF6FD971306037D9

wget -q -O- 'https://savannah.gnu.org/project/release-gpgkeys.php?group=coreutils&download=1' | gpg --import -

As a last resort to find the key, you can try the official GNU

keyring:

wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg

gpg --keyring gnu-keyring.gpg --verify coreutils-9.5.tar.gz.sig

This release was bootstrapped with the following tools:

Autoconf 2.72c.32-cb6fb

Automake 1.16.5

Gnulib v0.1-7293-g259829e78b

Bison 3.8.2

NEWS

  • Noteworthy changes in release 9.5 (2024-03-28) [stable]

** Bug fixes

chmod -R now avoids a race where an attacker may replace a traversed file

with a symlink, causing chmod to operate on an unintended file.

[This bug was present in "the beginning".]

cp, mv, and install no longer issue spurious diagnostics like "failed

to preserve ownership" when copying to GNU/Linux CIFS file systems.

They do this by working around some Linux CIFS bugs.

cp --no-preserve=mode will correctly maintain set-group-ID bits

for created directories. Previously on systems that didn't support ACLs,

cp would have reset the set-group-ID bit on created directories.

[bug introduced in coreutils-8.20]

join and uniq now support multi-byte characters better.

For example, 'join -tX' now works even if X is a multi-byte character,

and both programs now treat multi-byte characters like U+3000

IDEOGRAPHIC SPACE as blanks if the current locale treats them so.

numfmt options like --suffix no longer have an arbitrary 127-byte limit.

[bug introduced with numfmt in coreutils-8.21]

mktemp with --suffix now better diagnoses templates with too few X's.

Previously it conflated the insignificant --suffix in the error.

[bug introduced in coreutils-8.1]

sort again handles thousands grouping characters in single-byte locales

where the grouping character is greater than CHAR_MAX. For e.g. signed

character platforms with a 0xA0 (aka &nbsp) grouping character.

[bug introduced in coreutils-9.1]

split --line-bytes with a mixture of very long and short lines

no longer overwrites the heap (CVE-2024-0684).

[bug introduced in coreutils-9.2]

tail no longer mishandles input from files in /proc and /sys file systems,

on systems with a page size larger than the stdio BUFSIZ.

[This bug was present in "the beginning".]

timeout avoids a narrow race condition, where it might kill arbitrary

processes after a failed process fork.

[bug introduced with timeout in coreutils-7.0]

timeout avoids a narrow race condition, where it might fail to

kill monitored processes immediately after forking them.

[bug introduced with timeout in coreutils-7.0]

wc no longer fails to count unprintable characters as parts of words.

[bug introduced in textutils-2.1]

** Changes in behavior

base32 and base64 no longer require padding when decoding.

Previously an error was given for non padded encoded data.

base32 and base64 have improved detection of corrupted encodings.

Previously encodings with non zero padding bits were accepted.

basenc --base16 -d now supports lower case hexadecimal characters.

Previously an error was given for lower case hex digits.

cp --no-clobber, and mv -n no longer exit with failure status if

existing files are encountered in the destination. Instead they revert

to the behavior from before v9.2, silently skipping existing files.

ls --dired now implies long format output without hyperlinks enabled,

and will take precedence over previously specified formats or hyperlink mode.

numfmt will accept lowercase 'k' to indicate Kilo or Kibi units on input,

and uses lowercase 'k' when outputting such units in '--to=si' mode.

pinky no longer tries to canonicalize the user's login location by default,

rather requiring the new --lookup option to enable this often slow feature.

wc no longer ignores encoding errors when counting words.

Instead, it treats them as non white space.

** New features

chgrp now accepts the --from=OWNER:GROUP option to restrict changes to files

with matching current OWNER and/or GROUP, as already supported by chown(1).

chmod adds support for -h, -H,-L,-P, and --dereference options, providing

more control over symlink handling. This supports more secure handling of

CLI arguments, and is more consistent with chown, and chmod on other systems.

cp now accepts the --keep-directory-symlink option (like tar), to preserve

and follow existing symlinks to directories in the destination.

cp and mv now accept the --update=none-fail option, which is similar

to the --no-clobber option, except that existing files are diagnosed,

and the command exits with failure status if existing files.

The -n,--no-clobber option is best avoided due to platform differences.

env now accepts the -a,--argv0 option to override the zeroth argument

of the command being executed.

mv now accepts an --exchange option, which causes the source and

destination to be exchanged. It should be combined with

--no-target-directory (-T) if the destination is a directory.

The exchange is atomic if source and destination are on a single

file system that supports atomic exchange; --exchange is not yet

supported in other situations.

od now supports printing IEEE half precision floating point with -t fH,

or brain 16 bit floating point with -t fB, where supported by the compiler.

tail now supports following multiple processes, with repeated --pid options.

** Improvements

cp,mv,install,cat,split now read and write a minimum of 256KiB at a time.

This was previously 128KiB and increasing to 256KiB was seen to increase

throughput by 10-20% when reading cached files on modern systems.

env,kill,timeout now support unnamed signals. kill(1) for example now

supports sending such signals, and env(1) will list them appropriately.

SELinux operations in file copy operations are now more efficient,

avoiding unneeded MCS/MLS label translation.

sort no longer dynamically links to libcrypto unless -R is used.

This decreases startup overhead in the typical case.

wc is now much faster in single-byte locales and somewhat faster in

multi-byte locales.

#gnu #gnuorg #opensource

There are no comments yet.