From 699bc85d0a0a76bd9cc96adc3199354083de26fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Trojnara?= Date: Sun, 3 Mar 2024 23:32:15 +0100 Subject: [PATCH] Release 2.8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: MichaƂ Trojnara --- .github/workflows/ci.yml | 2 +- CMakeLists.txt | 2 +- NEWS.md | 35 ++++++++++++++++++----------------- 3 files changed, 20 insertions(+), 19 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b214f7a..527b979 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,7 +7,7 @@ on: env: # Customize the CMake build type here (Release, Debug, RelWithDebInfo, etc.) BUILD_TYPE: Release - version: osslsigncode-2.8-dev + version: osslsigncode-2.8 jobs: build: diff --git a/CMakeLists.txt b/CMakeLists.txt index 3e3dd14..76ec537 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -16,7 +16,7 @@ project(osslsigncode LANGUAGES C) # force nonstandard version format for development packages -set(DEV "-dev") +set(DEV "") set(PROJECT_VERSION "${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}${DEV}") # version and contact information diff --git a/NEWS.md b/NEWS.md index 26b6be6..81a0c5c 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,25 +1,26 @@ # osslsigncode change log -### 2.8 (unreleased) +### 2.8 (2024.03.03) - Microsoft PowerShell signing sponsored by Cisco Systems, Inc. -- fixed setting unauthenticated attributes (Countersignature, - Unauthenticated Data Blob) in a nested signature -- added support for verifying the signature at a certain position ("-index" option) -- added support for adding unauthenticated attributes to the signature - at a certain position ("-index" option) -- added CAT file verification and listing each member of the CAT file - by using the "-verbose" option -- added new command "extract-data" to extract a PKCS#7 data content to be signed -- PKCS9_SEQUENCE_NUMBER authenticated attribute support +- fixed setting unauthenticated attributes (Countersignature, Unauthenticated + Data Blob) in a nested signature +- added the "-index" option to verify a specific signature or modify its + unauthenticated attributes +- added CAT file verification +- added listing the contents of a CAT file with the "-verbose" option +- added the new "extract-data" command to extract a PKCS#7 data content to be + signed with "sign" and attached with "attach-signature" +- added PKCS9_SEQUENCE_NUMBER authenticated attribute support - added the "-ignore-cdp" option to disable CRL Distribution Points (CDP) - online verification, inability to retrieve CRL from CDP is a critical error -- modified the "-p" option to also connect to CRL Distribution Points - through the configured proxy when verifying -- added Microsoft Root Authority, serial number: 00C1008B3C3C8811D13EF663ECDF40 - to the certificate whitelist -- added listing of certificate chain retrieved from the signature in case - of verification failure + online verification +- unsuccessful CRL retrieval and verification changed into a critical error +- the "-p" option modified to also use to configured proxy to connect CRL + Distribution Points +- added implicit allowlisting of the Microsoft Root Authority serial number + 00C1008B3C3C8811D13EF663ECDF40 +- added listing of certificate chain retrieved from the signature in case of + verification failure ### 2.7 (2023.09.19)