sed @ Savannah: sed-4.9 released [stable]
This is to announce sed-4.9, a stable release.
There have been 51 commits by 9 people in the nearly three years since 4.8.
See the NEWS below for a brief summary.
Thanks to everyone who has contributed!
The following people contributed changes to this release:
Antonio Diaz Diaz (1)
Assaf Gordon (5)
Chris Marusich (1)
Jim Meyering (28)
Marvin Schmidt (1)
Paul Eggert (11)
Renaud Pacalet (1)
Tobias Stoeckmann (2)
Jim [on behalf of the sed maintainers] ==================================================================
Here is the GNU sed home page:
For a summary of changes and contributors, see:
or run this command from a git-cloned sed directory:
git shortlog v4.8..v4.9
To summarize the 2383 gnulib-related changes, run these commands
from a git-cloned sed directory:
git checkout v4.9
git submodule summary v4.8
Here are the compressed sources:
Here are the GPG detached signatures:
Use a mirror for higher download bandwidth:
Here are the SHA1 and SHA256 checksums:
The SHA256 checksum is base64 encoded, instead of the
hexadecimal encoding that most checksum tools default to.
Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:
gpg --verify sed-4.9.tar.gz.sig
The signature should match the fingerprint of the following key:
pub rsa4096/0x7FD9FCCB000BEEEE 2010-06-14 [SCEA] Key fingerprint = 155D 3FC5 00C8 3448 6D1E EA67 7FD9 FCCB 000B EEEE
uid [ unknown] Jim Meyering <firstname.lastname@example.org>
uid [ unknown] Jim Meyering <email@example.com>
uid [ unknown] Jim Meyering <firstname.lastname@example.org>
If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to retrieve
or refresh it, and then rerun the 'gpg --verify' command.
gpg --locate-external-key email@example.com
gpg --recv-keys 7FD9FCCB000BEEEE
wget -q -O- 'https://savannah.gnu.org/project/release-gpgkeys.php?group=sed&download=1' | gpg --import -
As a last resort to find the key, you can try the official GNU
wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
gpg --keyring gnu-keyring.gpg --verify sed-4.9.tar.gz.sig
This release was bootstrapped with the following tools:
* Noteworthy changes in release 4.9 (2022-11-06) [stable]
** Bug fixes
'sed --follow-symlinks -i' no longer loops forever when its operand
is a symbolic link cycle.
[bug introduced in sed 4.2]
a program with an execution line longer than 2GB can no longer trigger
an out-of-bounds memory write.
using the R command to read an input line of length longer than 2GB
can no longer trigger an out-of-bounds memory read.
In locales using UTF-8 encoding, the regular expression '.' no
longer sometimes fails to match Unicode characters U+D400 through
U+D7FF (some Hangul Syllables, and Hangul Jamo Extended-B) and
Unicode characters U+108000 through U+10FFFF (half of Supplemental
Private Use Area plane B).
[bug introduced in sed 4.8]
I/O errors involving temp files no longer confuse sed into using a
FILE * pointer after fclosing it, which has undefined behavior in C.
** New Features
The 'r' command now accepts address 0, allowing inserting a file before
the first line.
** Changes in behavior
Sed now prints the less-surprising variant in a corner case of
POSIX-unspecified behavior. Before, this would print "n".
Now, it prints "X":
printf n | sed 'sn\nnXn'; echo
Source: Planet GNU