Revisions of osslsigncode
buildservice-autocommit
accepted
request 968270
from
Dirk Mueller (dirkmueller)
(revision 3)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 2)
- update to 2.3.0: * This release fixes several critical memory corruption vulnerabilities. A malicious attacker could create a file, which, when processed with osslsigncode, triggers arbitrary code execution. Any previous version of osslsigncode should be immediately upgraded if the tool is used for processing of untrusted files. * fixed non-interactive PVK (MSBLOB) key decryption * added a bash completion script * added CA bundle path auto-detection * CAT files support (thanks to James McKenzie) * MSI support rewritten without libgsf dependency, which allows * for handling of all the needed MSI metadata, such as dates * "-untrusted" option renamed to "-TSA-CAfile" * "-CRLuntrusted" option renamed to "-TSA-CRLfile" * numerous bug fixes and improvements * certificate chain verification support * timestamp verification support * CRL verification support ("-CRLfile" option) * improved CAB signature support * nested signatures support * user-specified signing time ("-st" option) by vszakats * added more tests * fixed numerous bugs * dropped OpenSSL 1.1.0 support * orphaned project adopted by MichaĆ Trojnara * ported to OpenSSL 1.1.x * ported to SoftHSM2 * add support for pkcs11-based hardware tokens * improved error reporting of timestamping errors - drop 0001-Make-code-work-with-OpenSSL-1.1.patch (obsolete)
Dirk Mueller (dirkmueller)
committed
(revision 1)
Displaying all 3 revisions