[gnutls-help] guile-gnutls-3.7.12 released [stable]

Simon Josefsson simon at josefsson.org
Mon May 8 15:48:39 CEST 2023

Guile-GnuTLS provides Guile bindings for the GnuTLS library.

Project homepage:

The release is available here:


Here are the compressed sources and a GPG detached signature:

Use a mirror for higher download bandwidth:

Here are the SHA1 and SHA256 checksums:

e89bdcaff02235ce4fd2b6e479eff431754a5698  guile-gnutls-3.7.12.tar.gz
XTrxFXMJPeWfJYQVhy4sWxTMqd0lGosuwWQ9bpf+4zY  guile-gnutls-3.7.12.tar.gz

The SHA256 checksum is base64 encoded, instead of the
hexadecimal encoding that most checksum tools default to.

Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify guile-gnutls-3.7.12.tar.gz.sig

The signature should match the fingerprint of the following key:

  pub   ed25519 2019-03-20 [SC]
        B1D2 BD13 75BE CB78 4CF4  F8C4 D73C F638 C53C 06BE
  uid   Simon Josefsson <simon at josefsson.org>

If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to retrieve
or refresh it, and then rerun the 'gpg --verify' command.

  gpg --locate-external-key simon at josefsson.org

  gpg --recv-keys 51722B08FE4745A2

As a last resort to find the key, you can try the official GNU

  wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
  gpg --keyring gnu-keyring.gpg --verify guile-gnutls-3.7.12.tar.gz.sig

This release was bootstrapped with the following tools:
  Autoconf 2.71
  Automake 1.16.5
  Makeinfo 7.0.3


* Noteworthy changes in release 3.7.12 (2023-05-08) [stable]

** The gnutls-guile library can now use newer gnutls features.
It is possible to use newer GnuTLS features, such as new algorithms
and new functions, without sacrificing compatibility with older GnuTLS
implementations. The enumeration values that are not available for the
GnuTLS you build gnutls-guile against will simply be undefined. You
can check whether a function is available with `(defined? 'hmac-copy)`
(here for hmac-copy).

** Bind the HMAC and hash functions from GnuTLS.

** Correctly handle blocking writes to session record ports

Happy hacking,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 255 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20230508/41fa5aa5/attachment.sig>

More information about the Gnutls-help mailing list