[gnutls-help] guile-gnutls-5.0.2 released [stable]

Simon Josefsson simon at josefsson.org
Wed Jun 17 16:50:34 CEST 2026 

This is to announce guile-gnutls-5.0.2, a stable release.

Guile-GnuTLS provides Guile bindings for the GnuTLS library.

There have been 25 commits by 2 people in the 48 weeks since 5.0.1.

See the NEWS below for a brief summary.

Thanks to everyone who has contributed!
The following people contributed changes to this release:

  Dariqq (7)
  Simon Josefsson (18)

Happy Hacking,
Simon
==================================================================

Here is the Guile-GnuTLS home page:
  https://codeberg.org/guile-gnutls/guile-gnutls/

Manual:
  https://gsasl.gitlab.io/guile-gnutls/manual/
  https://gsasl.gitlab.io/guile-gnutls/manual/gnutls-guile.html - HTML format
  https://gsasl.gitlab.io/guile-gnutls/manual/gnutls-guile.pdf - PDF format

If you need help to use Guile-GnuTLS, or want to help others, you are
invited to join our mailing list, see:
  https://lists.gnupg.org/mailman/listinfo/gnutls-help

The release is available here:
  https://codeberg.org/guile-gnutls/guile-gnutls/releases/tag/v5.0.2

Here is minimal source-only "git archive" sources:
  https://ftp.gnu.org/gnu/gnutls/guile-gnutls-v5.0.2-src.tar.gz
  https://ftp.gnu.org/gnu/gnutls/guile-gnutls-v5.0.2-src.tar.gz.sig

Here are Sigsum Proofs:
  https://ftp.gnu.org/gnu/gnutls/guile-gnutls-5.0.2.tar.gz.proof
  https://ftp.gnu.org/gnu/gnutls/guile-gnutls-v5.0.2-src.tar.gz.proof

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

Here are the SHA256 and SHA3-256 checksums:

  SHA256 (guile-gnutls-5.0.2.tar.gz) = droqD0ft3n/S9YP8EWLtHOgzm9r36dnMOTh/zJX7k1s=
  SHA3-256 (guile-gnutls-5.0.2.tar.gz) = xQrckFtQm7aJDSCtXaumqipeuVTjD2dpG/3VXgGqSXE=

  SHA256 (guile-gnutls-v5.0.2-src.tar.gz) = T/bVe5REyZsNlp66UtUcgMT8unrsa2EMDMx9FhMVO7w=
  SHA3-256 (guile-gnutls-v5.0.2-src.tar.gz) = YZoDPA6N9RICUFssNEixuUeFTfeCFvxZcpIqjWkq/5g=

Verify the base64 SHA256 checksum with 'cksum -a sha256 --check'
from coreutils-9.2 or OpenBSD's cksum since 2007.

Verify the base64 SHA3-256 checksum with 'cksum -a sha3 --check'
from coreutils-9.8.

Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify guile-gnutls-5.0.2.tar.gz.sig

If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to retrieve
or refresh it, and then rerun the 'gpg --verify' command.

  gpg --locate-external-key simon at josefsson.org

  gpg --recv-keys 51722B08FE4745A2

As a last resort to find the key, you can try the official GNU
keyring:

  wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
  gpg --keyring gnu-keyring.gpg --verify guile-gnutls-5.0.2.tar.gz.sig

Use the .proof files to verify the Sigsum proof.  These files are like
signatures but with extra transparency: you can cryptographically verify
that every signature is logged in a public append-only log, so you can
say with confidence what signatures exists.  This makes hidden releases
no longer deniable for the same public key.

Releases are Sigsum-signed with the following public key:

  cat <<EOF > guile-gnutls-sigsum-key.pub
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILzCFcHHrKzVSPDDarZPYqn89H5TPaxwcORgRg+4DagE
EOF

Run a command like this to verify downloaded artifacts:

  sigsum-verify -k guile-gnutls-sigsum-key.pub -P sigsum-generic-2025-1 \
        guile-gnutls-5.0.2.tar.gz.proof < guile-gnutls-5.0.2.tar.gz

You may learn more about Sigsum concepts and find instructions how to
download the tools here: https://www.sigsum.org/getting-started/

This release is based on the guile-gnutls git repository, available as

  git clone https://codeberg.org/guile-gnutls/guile-gnutls.git

with commit 4fc0dc07ff3f40a43406f4d982bbd09971289264 tagged as v5.0.2.

For a summary of changes and contributors, see:

  https://codeberg.org/guile-gnutls/guile-gnutls/compare/v5.0.1...v5.0.2

or run this command from a git-cloned guile-gnutls directory:

  git shortlog v5.0.1..v5.0.2

This release was bootstrapped with the following tools:
  Autoconf 2.72
  Automake 1.17
  Git 2.52.0
  Gnulib 9297749090b01720888dceeb5f6dab3d52dcef40
  Gzip 1.14
  Libtoolize 2.4.7
  Make 4.4.1
  Makeinfo 7.1.1
  Tar 1.35
  Guix 1.5.0rc1

NEWS.md

# Noteworthy changes in release 5.0.2 (2026-06-17) [stable]

** Bind more X.509 certificate functions.
Patch by Dariqq, see
<https://codeberg.org/guile-gnutls/guile-gnutls/pulls/78>.
- gnutls_x509_crt_get_dn_by_oid
- gnutls_x509_crt_get_issuer_dn_by_oid
- gnutls_x509_crt_print

** Add rawpk certificate type.
Patch by Dariqq, see
<https://codeberg.org/guile-gnutls/guile-gnutls/pulls/91>.

** Fix alloca handling on FreeBSD.
Patch by Dariqq, see
<https://codeberg.org/guile-gnutls/guile-gnutls/issues/85> and
<https://codeberg.org/guile-gnutls/guile-gnutls/pulls/88>.

** NEWS file renamed to NEWS.md and uses markdown syntax.
For backwards compatibility, NEWS and README in git are symlinks to
NEWS.md and README.md respectively, which ends up as a duplicated
files in tarballs.  Eventually the README and NEWS files may be
removed in favor of only README.md and NEWS.md.

** Update gnulib files and various build/maintenance fixes.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1251 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20260617/7a743306/attachment.sig>

More information about the Gnutls-help mailing list