- update to 2.3.0:
* This release fixes several critical memory corruption vulnerabilities.
A malicious attacker could create a file, which, when processed with
osslsigncode, triggers arbitrary code execution. Any previous version
of osslsigncode should be immediately upgraded if the tool is used for
processing of untrusted files.
* fixed non-interactive PVK (MSBLOB) key decryption
* added a bash completion script
* added CA bundle path auto-detection
* CAT files support (thanks to James McKenzie)
* MSI support rewritten without libgsf dependency, which allows
* for handling of all the needed MSI metadata, such as dates
* "-untrusted" option renamed to "-TSA-CAfile"
* "-CRLuntrusted" option renamed to "-TSA-CRLfile"
* numerous bug fixes and improvements
* certificate chain verification support
* timestamp verification support
* CRL verification support ("-CRLfile" option)
* improved CAB signature support
* nested signatures support
* user-specified signing time ("-st" option) by vszakats
* added more tests
* fixed numerous bugs
* dropped OpenSSL 1.1.0 support
* orphaned project adopted by Michał Trojnara
* ported to OpenSSL 1.1.x
* ported to SoftHSM2
* add support for pkcs11-based hardware tokens
* improved error reporting of timestamping errors
- drop 0001-Make-code-work-with-OpenSSL-1.1.patch (obsolete)