release 2.3

mtrojnar · mtrojnar · commit 73d7cf011e66 · 2022-03-06T20:11:25.000+01:00
Signed-off-by: Michał Trojnara &lt;Michal.Trojnara@stunnel.org&gt;
diff --git a/INSTALL.W32.md b/INSTALL.W32.md
@@ -14,7 +14,7 @@
   cd osslsigncode-folder
   x86_64-w64-mingw32-gcc osslsigncode.c msi.c msi.h -o osslsigncode.exe \
     -lcrypto -lssl -lcurl \
-    -D 'PACKAGE_STRING="osslsigncode 2.2"' \
+    -D 'PACKAGE_STRING="osslsigncode 2.3"' \
     -D 'PACKAGE_BUGREPORT="Michal.Trojnara@stunnel.org"' \
     -D ENABLE_CURL
 ```
@@ -24,7 +24,7 @@
   path=%path%;c:\msys64\mingw64\bin
   cd osslsigncode-folder
   osslsigncode.exe -v
-  osslsigncode 2.2, using:
+  osslsigncode 2.3, using:
         OpenSSL 1.1.1g  21 Apr 2020 (Library: OpenSSL 1.1.1g  21 Apr 2020)
         libcurl/7.70.0 OpenSSL/1.1.1g (Schannel) zlib/1.2.11 brotli/1.0.7 libidn2/2.3.0
         libpsl/0.21.0 (+libidn2/2.3.0) libssh2/1.9.0 nghttp2/1.40.0
@@ -76,7 +76,7 @@
     -I 'C:/OpenSSL/include/' \
     -L 'C:/curl/lib' -lcurl \
     -I 'C:/curl/include' \
-    -D 'PACKAGE_STRING="osslsigncode 2.2"' \
+    -D 'PACKAGE_STRING="osslsigncode 2.3"' \
     -D 'PACKAGE_BUGREPORT="Michal.Trojnara@stunnel.org"' \
     -D ENABLE_CURL
 ```
@@ -90,7 +90,7 @@
   copy C:\msys64\mingw64\bin\zlib1.dll
 
   osslsigncode.exe -v
-  osslsigncode 2.2, using:
+  osslsigncode 2.3, using:
         OpenSSL 1.1.1k  25 Mar 2021 (Library: OpenSSL 1.1.1k  25 Mar 2021)
         libcurl/7.78.0 OpenSSL/1.1.1k zlib/1.2.11
 ```
diff --git a/NEWS.md b/NEWS.md
@@ -1,10 +1,19 @@
 # osslsigncode change log
 
-### 2.3 (unreleased)
+### 2.3 (2022.03.06)
 
-- fixed memory safety
-- added bash completion script
-- added CA bundle auto-detection
+**CRITICAL SECURITY VULNERABILITIES**
+
+This release fixes several critical memory corruption vulnerabilities.
+A malicious attacker could create a file, which, when processed with
+osslsigncode, triggers arbitrary code execution.  Any previous version
+of osslsigncode should be immediately upgraded if the tool is used for
+processing of untrusted files.
+
+- fixed several memory safety issues
+- fixed non-interactive PVK (MSBLOB) key decryption
+- added a bash completion script
+- added CA bundle path auto-detection
 
 ### 2.2 (2021.08.15)
 
diff --git a/configure.ac b/configure.ac
@@ -1,6 +1,6 @@
 AC_PREREQ(2.60)
 
-AC_INIT([osslsigncode], [2.2.0], [Michal.Trojnara@stunnel.org])
+AC_INIT([osslsigncode], [2.3.0], [Michal.Trojnara@stunnel.org])
 AC_CONFIG_AUX_DIR([.])
 AC_CONFIG_HEADERS([config.h])
 AM_INIT_AUTOMAKE

-Original file line number
+Diff line change
@@ @@ -1,6 +1,6 @@ @@
 AC_PREREQ(2.60)
 -AC_INIT([osslsigncode], [2.2.0], [[email protected]])
 +AC_INIT([osslsigncode], [2.3.0], [[email protected]])
 AC_CONFIG_AUX_DIR([.])
 AC_CONFIG_HEADERS([config.h])
 AM_INIT_AUTOMAKE