Releases: mtrojnar/osslsigncode
Releases · mtrojnar/osslsigncode
2.13
2.13 (2026.02.10)
MULTIPLE SECURITY VULNERABILITIES
This release includes important security fixes. Users are strongly encouraged
to upgrade, as the issues below may be exploitable when processing untrusted
files.
- fixed integer overflows when processing APPX compressed data streams
(by Małgorzata Olszówka) - fixed double-free vulnerabilities in APPX file processing
(by Małgorzata Olszówka) - fixed multiple memory corruption issues in PE page hash computation
(by Antoni Klajn (Opera) and Małgorzata Olszówka)
2.12
2.12 (2026.02.02)
CRITICAL SECURITY VULNERABILITY
This release fixes a critical memory corruption vulnerability. A malicious
attacker could create a signed file, which, when verified with osslsigncode,
triggers arbitrary code execution. Any previous version of osslsigncode should
be immediately upgraded if the tool is used for verification of untrusted
files.
- fixed a buffer overflow while extracting message digests
(reported and fixed by Antoni Klajn, Opera)
2.11
2.11 (2026.01.20)
- added keyUsage validation for signer certificate
(thanks to Hanqing Zhao and Zi-Quan You for reporting the issue) - added printing CRL details during signature verification
- implemented a workaround for CRL servers returning the HTTP Content-Type
header other than application/pkix-crl (thanks to Chris Thibodeaux) - fixed HTTP keep-alive handling
- fixed macOS compiler and linker flags
- fixed undefined BIO_get_fp() behavior with BIO_FLAGS_UPLINK_INTERNAL
2.10
2.10 (2025.06.23)
- added JavaScript signing
- added PKCS#11 provider support (requires OpenSSL 3.0+)
- added support for providers without specifying "-pkcs11module" option
(OpenSSL 3.0+, e.g., for the upcoming CNG provider) - added compatibility with the CNG engine version 1.1 or later
- added the "-engineCtrl" option to control hardware and CNG engines
- added the '-blobFile' option to specify a file containing the blob content
- improved unauthenticated blob support (thanks to Asger Hautop Drewsen)
- improved UTF-8 handling for certificate subjects and issuers
- fixed support for multiple signerInfo contentType OIDs (CTL and Authenticode)
- fixed tests for python-cryptography >= 43.0.0
2.9
2.9 (2024.06.29)
- added a 64 bit long pseudo-random NONCE in the TSA request
- missing NID_pkcs9_signingTime is no longer an error
- added support for PEM-encoded CRLs
- fixed the APPX central directory sorting order
- added a special "-" file name to read the passphrase from stdin
(by Steve McIntyre) - used native HTTP client with OpenSSL 3.x, removing libcurl dependency
- added '-login' option to force a login to PKCS11 engines
(by Brad Hughes) - added the "-ignore-crl" option to disable fetching and verifying
CRL Distribution Points - changed error output to stderr instead of stdout
- various testing framework improvements
- various memory corruption fixes
2.8
2.8 (2024.03.03)
- Microsoft PowerShell signing sponsored by Cisco Systems, Inc.
- fixed setting unauthenticated attributes (Countersignature, Unauthenticated
Data Blob) in a nested signature - added the "-index" option to verify a specific signature or modify its
unauthenticated attributes - added CAT file verification
- added listing the contents of a CAT file with the "-verbose" option
- added the new "extract-data" command to extract a PKCS#7 data content to be
signed with "sign" and attached with "attach-signature" - added PKCS9_SEQUENCE_NUMBER authenticated attribute support
- added the "-ignore-cdp" option to disable CRL Distribution Points (CDP)
online verification - unsuccessful CRL retrieval and verification changed into a critical error
- the "-p" option modified to also use to configured proxy to connect CRL
Distribution Points - added implicit allowlisting of the Microsoft Root Authority serial number
00C1008B3C3C8811D13EF663ECDF40 - added listing of certificate chain retrieved from the signature in case of
verification failure
2.7
2.7 (2023.09.19)
- fixed signing CAB files (by Michael Brown)
- fixed handling of unsupported commands (by Maxim Bagryantsev)
- fixed writing DIFAT sectors
- added APPX support (by Maciej Panek and Małgorzata Olszówka)
- added a built-in TSA response generation (-TSA-certs, -TSA-key
and -TSA-time options)
2.6
2.6 (2023.05.29)
- modular architecture implemented to simplify adding file formats
- added verification of CRLs specified in the signing certificate
- added MSI DIFAT sectors support (by Max Bagryantsev)
- added legacy provider support for OpenSSL 3.0.0 and later
- fixed numerous bugs
osslsigncode 2.5
2.5 (2022.08.12)
- fixed the Unix executable install path
- fixed the hardcoded "pkcs11" engine id
- fixed building with MinGW
- fixed testing with the python3 distributed with Ubuntu 18.04
osslsigncode 2.4
2.4 (2022.08.02)
- migrated the build system from GNU Autoconf to CMake
- added the "-h" option to set the cryptographic hash function for the "attach -signature" and "add" commands
- set the default hash function to "sha256"
- added the "attach-signature" option to compute and compare the leaf certificate hash for the "add" command
- renamed the "-st" option "-time" (the old name is accepted for compatibility)
- updated the "-time" option to also set explicit verification time
- added the "-ignore-timestamp" option to disable timestamp server signature verification
- removed the "-timestamp-expiration" option
- fixed several bugs
- updated the included documentation
- enabled additional compiler/linker hardening options
- added CI based on GitHub Actions