A new version of the GNU Autoconf Archive is available for download.
Here are the compressed sources and a GPG detached signature:


Use a mirror for higher download bandwidth:


Here are the SHA1 and SHA256 checksums:

e26d15db0f1ec60e9ea8ff024cf3ee895fa2eabd  autoconf-archive-2023.02.20.tar.xz
cdQEhHmuKPH1eUYZw9ct+cAd9JscYo74X943WW3DGjM  autoconf-archive-2023.02.20.tar.xz

The SHA256 checksum is base64 encoded, instead of the
hexadecimal encoding that most checksum tools default to.

Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify autoconf-archive-2023.02.20.tar.xz.sig

The signature should match the fingerprint of the following key:

  pub   rsa2048 2003-12-16 [SC]
        1A4F 63A1 3A46 49B6 32F6  5EE1 41BC 28FE 9908 9D72
  uid   Peter Simons <sim...@cryp.to>

If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to retrieve
or refresh it, and then rerun the 'gpg --verify' command.

  gpg --locate-external-key sim...@cryp.to

  gpg --recv-keys 99089D72

  wget -q -O- 
 | gpg --import -

As a last resort to find the key, you can try the official GNU

  wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
  gpg --keyring gnu-keyring.gpg --verify autoconf-archive-2023.02.20.tar.xz.sig

Attachment: signature.asc
Description: PGP signature

Reply via email to