[SignServer-announce] SignServer 3.7.0 released

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

The PrimeKey SignServer team is happy to announce the release of
SignServer 3.7.0 community and enterprise editions!

SignServer 3.7.0 introduces improvements to the user interfaces and
internal API:s to support multiple keys and certificates per worker, as
well as the ability to store certificates in the HSM. The CLI client now
has support for batch signing.
Starting from this version, SignServer can now be used for personal
signing of documents and code. In addition, batch signing enables new
use cases where documents are collected and then digitally signed all at
once, at a specific time.

Running on the latest technology platforms, SignServer is so flexible it
is suitable for any organization, cloud, social or mobile system.
Faster, more resource efficient, secure and user friendly than ever.

SignServer 3.7.0 is a major release with 67 issues resolved, the most
noteworthy listed below.

New Features and Improvements:
 - Individual keys and certificates
   (including CLI/GUI for managing those in a token).
 - Batch signing support in the client CLI.
 - Password prompts in the client CLI.
 - Initial support for building using Maven.
 - Improved logging options in PlainSigner and MSAuthCodeSigner.
 - Various GUI improvements.

Bug fixes:
 - Performance issue in XAdES signer has been fixed.
 - Client CLI startup issue on some systems is resolved.
 - Bundled versions of Apache Santuario (XML Security) and Xalan upgraded.

Security notice:

The Xalan 2.7.1 library previously bundled with SignServer is subject to
a potential security issue (CVE-2014-0107).
SignServer does not by itself use the vulnerable functions from Xalan
and there is thus no real vulnerability in SignServer.
We have anyway chosen to update to the latest versions as those
libraries are provided with SignServer.
As the application server also uses Xalan, users are recommended to
upgrade to JBoss EAP 6.3 or later which includes the newer Xalan
version. Alternatively, Red Hat provides patches for earlier EAP
versions. For JBoss AS 7.1.1 it is possible to follow our instructions
in the installation guide for how to instead use the libraries bundled
with SignServer.

Read the changelog in our issue tracker for full details:
https://jira.primekey.se/browse/DSS

Regards,
PrimeKey SignServer Team