Skip to content

osslsigncode 2.3
Compare
Choose a tag to compare
@mtrojnar mtrojnar released this 06 Mar 19:20
· 330 commits to master since this release
2.3
73d7cf0

2.3 (2022.03.06)

CRITICAL SECURITY VULNERABILITIES

This release fixes several critical memory corruption vulnerabilities.
A malicious attacker could create a file, which, when processed with
osslsigncode, triggers arbitrary code execution. Any previous version
of osslsigncode should be immediately upgraded if the tool is used for
processing of untrusted files.

  • fixed several memory safety issues
  • fixed non-interactive PVK (MSBLOB) key decryption
  • added a bash completion script
  • added CA bundle path auto-detection
Assets 6
Loading