I'm very pleased to announce the release of a new version of GNU PSPP.
PSPP is a program for statistical analysis of sampled data. It is a
free replacement for the proprietary program SPSS.

This fixes a number of bugs that were reported as security
vulnerabilities. I do not think that that these are serious
vulnerabilities. I still recommend that users upgrade

Here are the compressed sources and a GPG detached signature[*]:
ftp://ftp.gnu.org/gnu/pspp/pspp-1.0.1.tar.gz
ftp://ftp.gnu.org/gnu/pspp/pspp-1.0.1.tar.gz.sig

Use a mirror for higher download bandwidth:
http://www.gnu.org/order/ftp.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify pspp-1.0.1.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys C6648E90

and rerun the 'gpg --verify' command.

Changes from 1.0.0 to 1.0.1:

* Bug fixes, including fixes for CVE-2017-12958, CVE-2017-12959,
CVE-2017-12960, and CVE-2017-12961.