sed-4.9 released

posted by Roy Schestowitz on Nov 07, 2022

This is to announce sed-4.9, a stable release.


There have been 51 commits by 9 people in the nearly three years since 4.8.


See the NEWS below for a brief summary.


Thanks to everyone who has contributed!
The following people contributed changes to this release:


  Antonio Diaz Diaz (1)
  Assaf Gordon (5)
  Chris Marusich (1)
  Jim Meyering (28)
  Marvin Schmidt (1)
  Oğuz (1)
  Paul Eggert (11)
  Renaud Pacalet (1)
  Tobias Stoeckmann (2)


Jim [on behalf of the sed maintainers]
==================================================================


Here is the GNU sed home page:
    http://gnu.org/s/sed/


For a summary of changes and contributors, see:
  http://git.sv.gnu.org/gitweb/?p=sed.git;a=shortlog;h=v4.9
or run this command from a git-cloned sed directory:
  git shortlog v4.8..v4.9


To summarize the 2383 gnulib-related changes, run these commands
from a git-cloned sed directory:
  git checkout v4.9
  git submodule summary v4.8


==================================================================
Here are the compressed sources:
  https://ftp.gnu.org/gnu/sed/sed-4.9.tar.gz   (2.2MB)
  https://ftp.gnu.org/gnu/sed/sed-4.9.tar.xz   (1.4MB)


Here are the GPG detached signatures:
  https://ftp.gnu.org/gnu/sed/sed-4.9.tar.gz.sig
  https://ftp.gnu.org/gnu/sed/sed-4.9.tar.xz.sig


Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html


Here are the SHA1 and SHA256 checksums:


69ad1f6be316fff4b23594287f16dfd14cd88093  sed-4.9.tar.gz
0UeKGPAzpzrBaCKQH2Uz0wtr5WG8vORv/Xq86TYCKC4  sed-4.9.tar.gz
8ded1b543f1f558cbd5d7b713602f6a8ee84bde4  sed-4.9.tar.xz
biJrcy4c1zlGStaGK9Ghq6QteYKSLaelNRljHSSXUYE  sed-4.9.tar.xz


The SHA256 checksum is base64 encoded, instead of the
hexadecimal encoding that most checksum tools default to.


Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:


  gpg --verify sed-4.9.tar.gz.sig


The signature should match the fingerprint of the following key:


  pub   rsa4096/0x7FD9FCCB000BEEEE 2010-06-14 [SCEA]
        Key fingerprint = 155D 3FC5 00C8 3448 6D1E  EA67 7FD9 FCCB 000B EEEE
  uid                   [ unknown] Jim Meyering 
  uid                   [ unknown] Jim Meyering 
  uid                   [ unknown] Jim Meyering 


If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to retrieve
or refresh it, and then rerun the 'gpg --verify' command.


  gpg --locate-external-key jim@meyering.net


  gpg --recv-keys 7FD9FCCB000BEEEE


  wget -q -O- 'https://savannah.gnu.org/project/release-gpgkeys.php?group=sed&download=1' | gpg --import -


As a last resort to find the key, you can try the official GNU
keyring:


  wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
  gpg --keyring gnu-keyring.gpg --verify sed-4.9.tar.gz.sig


This release was bootstrapped with the following tools:
  Autoconf 2.72a.65-d081
  Automake 1.16i
  Gnulib v0.1-5550-g0524746392


NEWS


* Noteworthy changes in release 4.9 (2022-11-06) [stable]


** Bug fixes


  'sed --follow-symlinks -i' no longer loops forever when its operand
  is a symbolic link cycle.
  [bug introduced in sed 4.2]


  a program with an execution line longer than 2GB can no longer trigger
  an out-of-bounds memory write.


  using the R command to read an input line of length longer than 2GB
  can no longer trigger an out-of-bounds memory read.


  In locales using UTF-8 encoding, the regular expression '.' no
  longer sometimes fails to match Unicode characters U+D400 through
  U+D7FF (some Hangul Syllables, and Hangul Jamo Extended-B) and
  Unicode characters U+108000 through U+10FFFF (half of Supplemental
  Private Use Area plane B).
  [bug introduced in sed 4.8]


  I/O errors involving temp files no longer confuse sed into using a
  FILE * pointer after fclosing it, which has undefined behavior in C.


** New Features


  The 'r' command now accepts address 0, allowing inserting a file before
  the first line.


** Changes in behavior


   Sed now prints the less-surprising variant in a corner case of
   POSIX-unspecified behavior.  Before, this would print "n".
   Now, it prints "X":


    printf n | sed 'sn\nnXn'; echo

Read on