[Bug 2119094] [NEW] Segmentation fault crash on Ubuntu 24.04 with osslsigncode

Segev Finer 2119094 at bugs.launchpad.net
Wed Jul 30 08:48:07 UTC 2025 

Public bug reported:

osslsigncode is crashing for me when used with libengine-pkcs11-openssl
on Ubuntu 24.04, e.g. with Google Cloud KMS PKCS#11 provider:

```
osslsigncode sign \
    -pkcs11engine /usr/lib/x86_64-linux-gnu/engines-3/pkcs11.so \
    -pkcs11module $PWD/libkmsp11-1.7-linux-amd64/libkmsp11.so \
    -certs cert.crt -key 'pkcs11:object=some-key' -h sha256 \
    -t http://timestamp.digicert.com \
    -in test.exe -out test-signed.exe
```

I think this is the following issue and fix:
* https://github.com/mtrojnar/osslsigncode/issues/388
* https://github.com/OpenSC/libp11/pull/554

Which should be considered for back porting or updating libp11 as this
is a crash bug that prevents this usage of osslsigncode with no
workaround.

** Affects: libp11 (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: osslsigncode (Ubuntu)
     Importance: Undecided
         Status: New

** Also affects: osssigncode
   Importance: Undecided
       Status: New

** Also affects: osslsigncode (Ubuntu)
   Importance: Undecided
       Status: New

** No longer affects: osssigncode

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libp11 in Ubuntu.
https://bugs.launchpad.net/bugs/2119094

Title:
  Segmentation fault crash on Ubuntu 24.04 with osslsigncode

Status in libp11 package in Ubuntu:
  New
Status in osslsigncode package in Ubuntu:
  New

Bug description:
  osslsigncode is crashing for me when used with libengine-
  pkcs11-openssl on Ubuntu 24.04, e.g. with Google Cloud KMS PKCS#11
  provider:

  ```
  osslsigncode sign \
      -pkcs11engine /usr/lib/x86_64-linux-gnu/engines-3/pkcs11.so \
      -pkcs11module $PWD/libkmsp11-1.7-linux-amd64/libkmsp11.so \
      -certs cert.crt -key 'pkcs11:object=some-key' -h sha256 \
      -t http://timestamp.digicert.com \
      -in test.exe -out test-signed.exe
  ```

  I think this is the following issue and fix:
  * https://github.com/mtrojnar/osslsigncode/issues/388
  * https://github.com/OpenSC/libp11/pull/554

  Which should be considered for back porting or updating libp11 as this
  is a crash bug that prevents this usage of osslsigncode with no
  workaround.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libp11/+bug/2119094/+subscriptions

More information about the foundations-bugs mailing list