[Libreoffice-bugs] [Bug 86780] New: Libre Office Signed binaries appear to have been time stamped incorrectly after certificate expires

[bugzilla-daemon]

https://bugs.freedesktop.org/show_bug.cgi?id=86780

            Bug ID: 86780
           Summary: Libre Office Signed binaries appear to have been time
                    stamped incorrectly after certificate expires
           Product: LibreOffice
           Version: 4.3.4.1 release
          Hardware: x86-64 (AMD64)
                OS: Windows (All)
            Status: UNCONFIRMED
          Severity: normal
          Priority: medium
         Component: Libreoffice
          Assignee: libreoffice-bugs@lists.freedesktop.org
          Reporter: charlie.quinn...@gmail.com

Created attachment 110122
  --> https://bugs.freedesktop.org/attachment.cgi?id=110122&action=edit
Screenshot showing issue

If you look at the Digital Signature Details for LibreOffice binaries after a
certificate has expired it shows that the required certificate is not within
its validity period even though the file was correctly signed before the
certificate has expired.

This is not usual and can lead to issues within the Windows environment (see
below).

I think this is because when these binaries are signed the “Lifetime Signing”
EKU is set.

You can tell this is happening by looking at the Countersignatures. Timestamp
which always shows the current time (see attached screenshot).


This can cause poor performance when the LibreOffice is operating and although
unlikely could potentially cause some anti-malware vendors to incorrectly
classify LibreOffice binaries as malware.

-- 
You are receiving this mail because:
You are the assignee for the bug.

_______________________________________________
Libreoffice-bugs mailing list
Libreoffice-bugs@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs