Warning: the version 0.3.5 has one or more vulnerabilities, it is not recommended to use it. Vulnerabilities fixed in versions: 0.3.9.2, 0.4.1, 1.7.1, 1.9.1.

Packages:

• weechat-0.3.5.tar.xz (1.4 MB, SHA512)
• weechat-0.3.5.tar.bz2 (2.0 MB, SHA512)
• weechat-0.3.5.tar.gz (2.8 MB, SHA512)
• debian/squeeze/0.3.5/
• ubuntu/natty/0.3.5/
• ubuntu/lucid/0.3.5/

Checking the signatures:

• Import the gpg key:

  $ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys A9AB5AB778FA5C3522FD0378F82F4B16DEC408F8

• Display the fingerprint:

  $ gpg --fingerprint A9AB5AB778FA5C3522FD0378F82F4B16DEC408F8

• Check that the fingerprint is correct by asking to a developer on #weechat (chat.freenode.net).
• Trust the key:

  $ gpg --edit-key A9AB5AB778FA5C3522FD0378F82F4B16DEC408F8
  gpg> trust

• In directory with package + signature:

  $ gpg --verify weechat-0.3.5.tar.xz.asc weechat-0.3.5.tar.xz

• If the signature is OK you should see a message like this one:

  gpg: Signature made Sat 20 Oct 2012 07:36:35 PM CEST using RSA key ID DEC408F8
  gpg: Good signature from "WeeChat (signing key) <webmaster@weechat.org>"