osslsigncode-2.10-1.1 RPM for armv7hl

From OpenSuSE Ports Tumbleweed for armv7hl

osslsigncode is a small utility for placing signatures on Microsoft cabinate
files and executables.

Provides

• osslsigncode
• osslsigncode(armv7hl-32)

Requires

• ld-linux-armhf.so.3
• ld-linux-armhf.so.3(GLIBC_2.4)
• libc.so.6
• libc.so.6(GLIBC_2.33)
• libc.so.6(GLIBC_2.34)
• libc.so.6(GLIBC_2.4)
• libcrypto.so.3
• libcrypto.so.3(OPENSSL_3.0.0)
• libgcc_s.so.1
• libgcc_s.so.1(GCC_3.5)
• libssl.so.3
• libssl.so.3(OPENSSL_3.0.0)
• libz.so.1
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1

License

GPL-3.0-only

Changelog

* Sat Jul 12 2025 Dirk Müller <dmueller@suse.com>
  - update to 2.10:
    * added JavaScript signing
    * added PKCS#11 provider support (requires OpenSSL 3.0+)
    * added support for providers without specifying
      "-pkcs11module" option
    * (OpenSSL 3.0+, e.g., for the upcoming CNG provider)
    * added compatibility with the CNG engine version 1.1 or later
    * added the "-engineCtrl" option to control hardware and CNG
      engines
    * added the '-blobFile' option to specify a file containing the
      blob content
    * improved unauthenticated blob support (thanks to Asger Hautop
      Drewsen)
    * improved UTF-8 handling for certificate subjects and issuers
    * fixed support for multiple signerInfo contentType OIDs (CTL
      and Authenticode)
    * fixed tests for python-cryptography >= 43.0.0
  - update to version 2.9:
    * added a 64 bit long pseudo-random NONCE in the TSA request
    * missing NID_pkcs9_signingTime is no longer an error
    * added support for PEM-encoded CRLs
    * fixed the APPX central directory sorting order
    * added a special "-" file name to read the passphrase from
      stdin
    * used native HTTP client with OpenSSL 3.x, removing libcurl
      dependency
    * added '-login' option to force a login to PKCS11 engines
    * added the "-ignore-crl" option to disable fetching and
      verifying CRL Distribution Points
    * changed error output to stderr instead of stdout
    * various testing framework improvements
    * various memory corruption fixes
  - update to version 2.8:
    * Microsoft PowerShell signing sponsored by Cisco Systems, Inc.
    * fixed setting unauthenticated attributes (Countersignature,
      Unauthenticated
    * Data Blob) in a nested signature
    * added the "-index" option to verify a specific signature or
      modify its unauthenticated attributes
    * added CAT file verification
    * added listing the contents of a CAT file with the "-verbose"
      option
    * added the new "extract-data" command to extract a PKCS#7 data
      content to be signed with "sign" and attached with "attach-signature"
    * added PKCS9_SEQUENCE_NUMBER authenticated attribute support
    * added the "-ignore-cdp" option to disable CRL Distribution
      Points (CDP) online verification
    * unsuccessful CRL retrieval and verification changed into a
      critical error the "-p" option modified to also use to
      configured proxy to connect CRL Distribution Points
    * added implicit allowlisting of the Microsoft Root Authority
      serial number 00C1008B3C3C8811D13EF663ECDF40
    * added listing of certificate chain retrieved from the
      signature in case of verification failure
* Wed Dec 20 2023 Radoslav Kolev <radoslav.kolev@suse.com>
  - update to 2.7.0
    * fixed signing CAB files (by Michael Brown)
    * fixed handling of unsupported commands (by Maxim Bagryantsev)
    * fixed writing DIFAT sectors
    * added APPX support (by Maciej Panek and Małgorzata Olszówka)
    * added a built-in TSA response generation (-TSA-certs, -TSA-key
      and -TSA-time options)
    * added verification of CRLs specified in the signing certificate
    * added MSI DIFAT sectors support (by Max Bagryantsev)
    * added the "-h" option to set the cryptographic hash function for the
      "attach -signature" and "add" commands
    * set the default hash function to "sha256"
    * added the "attach-signature" option to compute and compare the leaf
      certificate hash for the "add" command
    * renamed the "-st" option "-time"
    * updated the "-time" option to also set explicit verification time
    * added the "-ignore-timestamp" option
    * removed the "-timestamp-expiration" option
    * numerous bugfixes
    * documentation updates
  - build system changed to cmake
  - use source code tag instead of release artifact for source
  - updated URL
  - removed gpg check, signature no longer available from upstream
* Sun Apr 10 2022 Dirk Müller <dmueller@suse.com>
  - update to 2.3.0:
    * This release fixes several critical memory corruption vulnerabilities.
      A malicious attacker could create a file, which, when processed with
      osslsigncode, triggers arbitrary code execution. Any previous version
      of osslsigncode should be immediately upgraded if the tool is used for
      processing of untrusted files.
    * fixed non-interactive PVK (MSBLOB) key decryption
    * added a bash completion script
    * added CA bundle path auto-detection
    * CAT files support (thanks to James McKenzie)
    * MSI support rewritten without libgsf dependency, which allows
    * for handling of all the needed MSI metadata, such as dates
    * "-untrusted" option renamed to "-TSA-CAfile"
    * "-CRLuntrusted" option renamed to "-TSA-CRLfile"
    * numerous bug fixes and improvements
    * certificate chain verification support
    * timestamp verification support
    * CRL verification support ("-CRLfile" option)
    * improved CAB signature support
    * nested signatures support
    * user-specified signing time ("-st" option) by vszakats
    * added more tests
    * fixed numerous bugs
    * dropped OpenSSL 1.1.0 support
    * orphaned project adopted by Michał Trojnara
    * ported to OpenSSL 1.1.x
    * ported to SoftHSM2
    * add support for pkcs11-based hardware tokens
    * improved error reporting of timestamping errors
  - drop 0001-Make-code-work-with-OpenSSL-1.1.patch (obsolete)
  - add gpg validation
* Mon Nov 12 2018 meissner@suse.com
  - license is now GPL 3.0
* Wed Oct 24 2018 Cristian Rodríguez <crrodriguez@opensuse.org>
  - 0001-Make-code-work-with-OpenSSL-1.1.patch: Build against
    openssl 1.1.
* Wed Dec 20 2017 fcrozat@suse.com
  - Adapt BuildRequires to libopenssl-1_0_0-devel for SLE15 / TW.
* Mon Oct 05 2015 idonmez@suse.com
  - Add libgsf-devel dependency to enable MSI support.
* Sun Mar 08 2015 p.drouand@gmail.com
  - Update to version 1.7.1
    * MSI: added -add-msi-dse option
    * MSI: fix build when GSF_CAN_READ_MSI_METADATA defined
  - Add autoconf, automake and pkg-config BuildRequire; new dependencies
  - Move to pkg-config depend style
* Wed Jan 23 2013 fcrozat@suse.com
  - Initial package for openSUSE (based on James Bottomley package).

Files

/usr/bin/osslsigncode
/usr/share/bash-completion/completions/osslsigncode.bash
/usr/share/licenses/osslsigncode
/usr/share/licenses/osslsigncode/COPYING.txt
/usr/share/licenses/osslsigncode/LICENSE.txt

Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Oct 24 23:22:36 2025