Package Release Info

cosign-3.0.5-160000.1.1

Update Info: Base Release
Available in Package Hub : 16.0

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

cosign-bash-completion
cosign-fish-completion
cosign-zsh-completion

Change Logs

* Sun Feb 22 2026 meissner@suse.com
- Update to version 3.0.5:
  * CVE-2026-24122: Fixed improper validation of certificates that
    outlive expired CA certificates (bsc#1258542)
  * CVE-2026-26958: Fixed filippo.io/edwards25519: failure to initialize
    receiver in MultiScalarMult can produce invalid results and lead to
    undefined behavior (bsc#1258612)
  * CVE-2026-24137: Fixed github.com/sigstore/sigstore/pkg/tuf: legacy
    TUF client allows for arbitrary file writes with target cache path
    traversal (bsc#1257139)
  * CVE-2026-22772: Fixed github.com/sigstore/fulcio: MetaIssuer URL
    validation bypass can trigger SSRF to arbitrary internal services
    (bsc#1256562)
  * CVE-2026-23991: Fixed github.com/theupdateframework/go-tuf/v2: denial
    of service due to invalid TUF metadata JSON returned by TUF repository
    (bsc#1257080)
  * CVE-2026-23992: Fixed github.com/theupdateframework/go-tuf/v2:
    unauthorized modification to TUF metadata files due to a compromised
    or misconfigured TUF repository (bsc#1257085)
  * chore(deps): bump google.golang.org/api from 0.260.0 to 0.264.0 (#4679)
  * chore(deps): bump github.com/sigstore/rekor-tiles/v2 from 2.0.1 to 2.1.0 (#4670)
  * chore(deps): bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 (#4712)
  * chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4680)
  * chore(deps): bump the gomod group across 1 directory with 4 updates (#4702)
  * chore(deps): bump the actions group with 3 updates (#4703)
  * update golang builder to use go1.25.7 (#4687)
  * update golangci-lint to v2.8.x (#4688)
  * Fix typo in CLI help (#4701)
  * Support DSSE signing conformance test (#4685)
  * chore(deps): bump the actions group across 1 directory with 8 updates (#4689)
  * Deprecate rekor-entry-type flag (#4691)
  * Deprecate cosign triangulate (#4676)
  * Deprecate cosign copy (#4681)
  * Enforce TSA requirement for Rekor v2, Fulcio signing (#4683)
  * chore(deps): bump github.com/theupdateframework/go-tuf/v2 (#4668)
  * chore(deps): bump golang from 1.25.5 to 1.25.6 in the all group (#4673)
  * Automatically require signed timestamp with Rekor v2 entries (#4666)
  * Fix syntax issue in conformance test, update nightly (#4664)
  * Add mTLS support for TSA client connections when signing with a signing config (#4620)
  * fix: avoid panic on malformed tlog entry body (#4652)
  * Verify validity of chain rather than just certificate (#4663)
  * Allow --local-image with --new-bundle-format for v2 and v3 signatures (#4626)
  * chore(deps): bump the gomod group across 1 directory with 3 updates (#4662)
  * Bump sigstore/sigstore to resolve GHSA (#4660)
  * Gracefully fail if bundle payload body is not a string (#4648)
  * fix: avoid panic on malformed replace payload (#4653)
  * chore(deps): bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 (#4659)
  * fix: avoid panic on malformed attestation payload (#4651)
  * fix: avoid panic on malformed tlog entries (#4649)
  * Update conformance to latest
  * docs(cosign): clarify RFC3161 revocation semantics (#4642)
  * Add empty predicate to cosign sign when payload type is application/vnd.in-toto+json (#4635)
  * chore(deps): bump github.com/sigstore/fulcio from 1.8.4 to 1.8.5 (#4637)
  * Add origin key for ctfe trusted root
  * Add changelog updates for v3.0.4 and v2.6.2 (#4625)
* Wed Feb 11 2026 meissner@suse.com
- Update to version 3.0.4:
  * CVE-2025-11065: Fixed github.com/go-viper/mapstructure/v2: sensitive
    information leak in logs (bsc#1250620)
  * CVE-2026-22703: Fixed that cosign verification accepts any valid
    Rekor entry under certain conditions (bsc#1256496)
  * Fix bundle verify path for old bundle/trusted root (#4623)
  * chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4616)
  * chore(deps): bump cuelang.org/go in the gomod group (#4615)
  * Optimize cosign tree performance by caching digest resolution (#4612)
  * Don't require a trusted root to verify offline with a key (#4613)
  * Support default services for trusted-root and signing-config creation (#4592)
  * chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4602)
  * chore(deps): bump github.com/sigstore/sigstore-go (#4578)
  * chore(deps): bump github.com/buildkite/agent/v3 from 3.114.1 to 3.115.2 (#4601)
  * chore(deps): bump google.golang.org/api from 0.257.0 to 0.258.0 (#4611)
  * chore(deps): bump k8s.io/client-go from 0.34.3 to 0.35.0 (#4604)
  * chore(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 (#4588)
  * chore(deps): bump golang.org/x/oauth2 from 0.33.0 to 0.34.0 (#4586)
  * chore(deps): bump the gomod group with 5 updates (#4599)
  * chore(deps): bump github.com/open-policy-agent/opa from 1.10.1 to 1.12.1 (#4600)
  * chore(deps): bump golang.org/x/term from 0.37.0 to 0.38.0 (#4584)
  * chore(deps): bump the actions group with 3 updates (#4587)
  * chore(deps): bump actions/cache from 4.3.0 to 5.0.1 (#4589)
  * chore(deps): bump the gomod group with 9 updates (#4577)
* Wed Dec 10 2025 meissner@suse.com
- Update to version 3.0.3:
  * 4554: Closes 4554 - Add warning when --output* is used (#4556)
  * chore(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.1.0 (#4545)
  * chore(deps): bump github.com/buildkite/agent/v3 from 3.111.0 to 3.113.0 (#4542)
  * chore(deps): bump github.com/awslabs/amazon-ecr-credential-helper/ecr-login (#4543)
  * chore(deps): bump actions/checkout from 5.0.0 to 6.0.0 (#4546)
  * chore(deps): bump the actions group with 4 updates (#4544)
  * chore(deps): bump the gomod group across 1 directory with 5 updates (#4567)
  * chore(deps): bump golang from 1.25.4 to 1.25.5 in the all group (#4568)
  * update builder to use go1.25.5 (#4566)
  * Protobuf bundle support for subcommand `clean` (#4539)
  * Add staging flag to initialize with staging TUF metadata
  * update slack invite link (#4560)
  * Updating sign-blob to also support signing with a certificate (#4547)
  * Bump sigstore library dependencies (#4532)
  * Protobuf bundle support for subcommands `save` and `load` (#4538)
  * Fix cert attachment for new bundle with signing config
  * Fix OCI verification with local cert - old bundle
  * chore(deps): bump github.com/sigstore/fulcio from 1.7.1 to 1.8.1 (#4519)
  * chore(deps): bump golang.org/x/crypto in /test/fakeoidc (#4535)
  * chore(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 (#4536)
  * CVE-2025-58181: Fixed golang.org/x/crypto/ssh: invalidated number
    of mechanisms can cause unbounded memory consumption (bsc#1253913)
  * update go builder and cosign (#4529)
  * chore(deps): bump the gomod group across 1 directory with 7 updates (#4528)
  * chore(deps): bump sigstore/cosign-installer from 3.10.0 to 4.0.0 (#4478)
  * chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4520)
  * chore(deps): bump golang from 1.25.3 to 1.25.4 in the all group (#4515)
  * chore(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 (#4518)
  * chore(deps): bump cuelang.org/go from 0.14.2 to 0.15.0 (#4524)
  * chore(deps): bump github.com/open-policy-agent/opa from 1.9.0 to 1.10.1 (#4521)
  * chore(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (#4502)
  * chore(deps): bump the actions group across 1 directory with 2 updates (#4516)
  * chore(deps): bump github.com/buildkite/agent/v3 from 3.110.0 to 3.111.0 (#4523)
  * chore(deps): bump github.com/theupdateframework/go-tuf/v2 (#4522)
  * Deprecate tlog-upload flag (#4458)
  * fix: Use signal context for `sign` cli package.
  * update offline verification directions (#4526)
  * Fix signing/verifying annotations for new bundle
  * Add support to download and attach for protobuf bundles (#4477)
  * Add --signing-algorithm flag (#3497)
  * Refactor signcommon bundle helpers
  * Add --bundle and fix --upload for new bundle
  * Pass insecure registry flags through to referrers
  * chore(deps): bump github.com/buildkite/agent/v3 from 3.108.0 to 3.109.1 (#4483)
  * Add protobuf bundle support for tree subcommand (#4491)
  * Remove stale embed import (#4492)
  * Support multiple container identities
  * chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4484)
  * chore(deps): bump chainguard-dev/actions in the actions group (#4480)
  * chore(deps): bump github.com/sigstore/rekor-tiles/v2 (#4485)
  * chore(deps): bump golang.org/x/crypto from 0.42.0 to 0.43.0 (#4486)
  * chore(deps): bump cuelang.org/go in the gomod group (#4479)
  * upgrade OSS-Fuzz build tooling (#4487)
  * Fix segfault when no attestations are found (#4472)
  * Use overridden repository for new bundle format (#4473)
  * update go to 1.25.3 (#4471)
  * Remove --out flag from `cosign initialize` (#4462)
  * chore(deps): bump the actions group with 2 updates (#4460)
  * Deprecate offline flag (#4457)
  * Deduplicate code in sign/attest* and verify* commands (#4449)
  * Cache signing config when calling initialize (#4456)
  * Update changelog for v3.0.2 (#4455)
  * chore(deps): bump google.golang.org/api from 0.250.0 to 0.251.0
  * chore(deps): bump gitlab.com/gitlab-org/api/client-go
  * chore(deps): bump the actions group with 3 updates
  * chore(deps): bump github.com/buildkite/agent/v3 from 3.107.2 to 3.108.0
  * choose different signature filename for KMS-signed release signatures (#4448)
  * chore(deps): bump github.com/go-jose/go-jose/v4 (#4451)
  * Update rekor-tiles version path
  * update CL for v3.0.1 release (#4447)
  * update goreleaser config for v3.0.0 release (#4446)
  * Create changelog for v3.0.0 (#4440)
  * Fetch service URLs from the TUF PGI signing config by default (#4428)
  * Create changelog for v2.6.1 (#4439)
  * chore(deps): bump google.golang.org/api from 0.249.0 to 0.250.0 (#4432)
  * chore(deps): bump the gomod group with 2 updates (#4429)
  * chore(deps): bump github.com/open-policy-agent/opa from 1.8.0 to 1.9.0 (#4433)
  * chore(deps): bump the actions group with 3 updates (#4434)
  * chore(deps): bump github.com/go-openapi/swag from 0.24.1 to 0.25.1 (#4435)
  * chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4436)
  * chore(deps): bump github.com/go-openapi/runtime from 0.28.0 to 0.29.0 (#4437)
  * Bump module version to v3 for Cosign v3.0 (#4427)
  * Move sigstore-conformance back to tagged release (#4425)
  * Bump sigstore-go to v1.1.3 (#4423)
  * Partially populate the output of cosign verify when working with new bundles (#4416)
  * chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4419)
  * chore(deps): bump github.com/theupdateframework/go-tuf/v2 (#4418)
  * chore(deps): bump github.com/buildkite/agent/v3 from 3.105.0 to 3.107.0 (#4420)
  * chore(deps): bump chainguard-dev/actions in the actions group (#4421)
  * bump go builder to use 1.25.1 and cosign (#4417)
  * Bump sigstore-go for more precise user agents (#4413)
  * chore(deps): bump github.com/spf13/viper from 1.20.1 to 1.21.0 (#4408)
  * chore(deps): bump the actions group with 2 updates (#4407)
  * chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4410)
  * chore(deps): bump github.com/buildkite/agent/v3 from 3.104.0 to 3.105.0 (#4411)
  * Default to using the new protobuf format (#4318)
* Thu Sep 18 2025 meissner@suse.com
- Update to version 2.6.0:
  - Require exclusively a SigningConfig or service URLs when signing (#4403)
  - Add a terminal spinner while signing with sigstore-go (#4402)
  - Bump sigstore-go, support alternative hash algorithms with keys (#4386)
  - Add support for SigningConfig in sign/attest (#4371)
  - Support self-managed keys when signing with sigstore-go (#4368)
  - Remove SHA256 assumption in sign-blob/verify-blob (#4050)
  - introduce dockerfile to pin the go version to decouple go version from go.mod (#4369)
  - refactor: extract function to write referrer attestations (#4357)
  - Break import cycle with e2e build tag (#4370)
  - Update conformance test binary for signing config (#4367)
  - update builder image to use go1.25 (#4366)
  - Don't load content from TUF if trusted root path is specified (#4347)
  - Don't require timestamps when verifying with a key (#4337)
  - Fixes to cosign sign / verify for the new bundle format (#4346)
  - update builder to use go1.24.6 (#4334)
  - bump golangci-lint to v2.3.x (#4333)
  - Have cosign sign support bundle format (#4316)
  - Add support for SigningConfig for sign-blob/attest-blob, support Rekor v2 (#4319)
  - Verify subject with bundle only when checking claims (#4320)
  - Add to `attest-blob` the ability to supply a complete in-toto statement, and add to `verify-blob-attestation` the ability to verify with just a digest (#4306)
Version: 2.5.3-160000.1.2
* Fri Jul 18 2025 meissner@suse.com
- Update to version 2.5.3 (jsc#SLE-23879)
  - Add signing-config create command (#4280)
  - Allow multiple services to be specified for trusted-root create (#4285)
  - force when copying the latest image to overwrite (#4298)
  - Fix cert verification logic for trusted-root/SCTs (#4294)
  - Fix lint error for types package (#4295)
  - feat: Add OCI 1.1+ experimental support to tree (#4205)
  - Add validity period end for trusted-root create (#4271)
  - avoid double-loading trustedroot from file (#4264)
- Update to 2.5.2:
  - Do not load trusted root when CT env key is set
  - docs: improve doc for --no-upload option (#4206)
- Update to 2.5.1:
  * Features
  - Add Rekor v2 support for trusted-root create (#4242)
  - Add baseUrl and Uri to trusted-root create command
  - Upgrade to TUF v2 client with trusted root
  - Don't verify SCT for a private PKI cert (#4225)
  - Bump TSA library to relax EKU chain validation rules (#4219)
  * Bug Fixes
  - Bump sigstore-go to pick up log index=0 fix (#4162)
  - remove unused recursive flag on attest command (#4187)
  * Docs
  - Fix indentation in verify-blob cmd examples (#4160)
  * GO-2025-3660 / CVE-2025-46569: Fixed OPA server Data API HTTP path injection of Rego (bsc#1246725)
* Wed May 28 2025 meissner@suse.com
- switch to go1.24, enable fips build
* Sun Apr 13 2025 meissner@suse.com
- Update to version 2.5.0:
  * Update sigstore-go to pick up bug fixes (#4150)
  * Update golangci-lint to v2, update golangci-lint-action (#4143)
  * Feat/non filename completions (#4115)
  * update builder to use go1.24.1 (#4116)
  * Add support for new bundle specification for attesting/verifying OCI image attestations (#3889)
  * Remove cert log line (#4113)
  * cmd/cosign/cli: fix typo in ignoreTLogMessage (#4111)
  * bump to latest scaffolding release for testing (#4099)
  * increase 2e2_test docker compose timeout to 180s (#4091)
  * Fix replace with compliant image mediatype (#4077)
  * Add TSA certificate related flags and fields for cosign attest (#4079)
- Security issues fixed:
  - CVE-2024-6104: cosign: hashicorp/go-retryablehttp: url might write sensitive information to log file (bsc#1227031)
  - CVE-2024-51744: cosign: github.com/golang-jwt/jwt/v4: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt (bsc#1232985)
  - CVE-2025-27144: cosign: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: Go JOSE's Parsing Vulnerable to Denial of Service (bsc#1237682)
  - CVE-2025-22870: cosign: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs (bsc#1238693)
  - CVE-2025-22868: cosign: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (bsc#1239204)
  - CVE-2025-22869: cosign: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239337)
* Thu Feb 20 2025 meissner@suse.com
- Update to version 2.4.3:
  * Enable fetching signatures without remote get. (#4047)
  * Bump sigstore/sigstore to support KMS plugins (#4073)
  * sort properly Go imports (#4071)
  * sync comment with parameter name in function signature (#4063)
  * fix go imports order to be alphabetical (#4062)
  * fix comment typo and imports order (#4061)
  * Feat/file flag completion improvements (#4028)
  * Update builder to use go1.23.6 (#4052)
  * Refactor verifyNewBundle into library function (#4013)
  * fix parsing error in --only for cosign copy (#4049)
  * Fix codeowners syntax, add dep-maintainers (#4046)
* Wed Feb 05 2025 meissner@suse.com
- Update to version 2.4.2:
  - Updated open-policy-agent to 1.1.0 library (#4036)
  - Note that only Rego v0 policies are supported at this time
  - Add UseSignedTimestamps to CheckOpts, refactor TSA options (#4006)
  - Add support for verifying root checksum in cosign initialize (#3953)
  - Detect if user supplied a valid protobuf bundle (#3931)
  - Add a log message if user doesn't provide --trusted-root (#3933)
  - Support mTLS towards container registry (#3922)
  - Add bundle create helper command (#3901)
  - Add trusted-root create helper command (#3876)
  Bug Fixes:
  - fix: set tls config while retaining other fields from default http transport (#4007)
  - policy fuzzer: ignore known panics (#3993)
  - Fix for multiple WithRemote options (#3982)
  - Add nightly conformance test workflow (#3979)
  - Fix copy --only for signatures + update/align docs (#3904)
- use "osc service mr" to update
* Wed Oct 02 2024 meissner@suse.com
- update to 2.4.0 (jsc#SLE-23879)
  - Add new bundle support to verify-blob and verify-blob-attestation (#3796)
  - Adding protobuf bundle support to sign-blob and attest-blob (#3752)
  - Bump sigstore/sigstore to support email_verified as string or boolean (#3819)
  - Conformance testing for cosign (#3806)
  - move incremental builds per commit to GHCR instead of GCR (#3808)
  - Add support for recording creation timestamp for cosign attest (#3797)
  - Include SCT verification failure details in error message (#3799)
* Tue Aug 20 2024 sarah.kriesch@opensuse.org
- Set CGO_ENABLED=1 for fixing s390x failed build
* Wed Jul 24 2024 meissner@suse.com
- update to 2.3.0 (jsc#SLE-23879)
  * Features
  - Add PayloadProvider interface to decouple AttestationToPayloadJSON from oci.Signature interface (#3693)
  - add registry options to cosign save (#3645)
  - Add debug providers command. (#3728)
  - Make config layers in ociremote mountable (#3741)
  - adds tsa cert chain check for env var or tuf targets. (#3600)
  - add --ca-roots and --ca-intermediates flags to 'cosign verify' (#3464)
  - add handling of keyless verification for all verify commands (#3761)
  * Bug Fixes
  - fix: close attestationFile (#3679)
  - Set bundleVerified to true after Rekor verification (Resolves #3740) (#3745)
  * Documentation
  - Document ImportKeyPair and LoadPrivateKey functions in pkg/cosign (#3776)
* Fri May 31 2024 opensuse_buildservice@ojkastl.de
- add completion subpackages (bash, fish, zsh)
* Mon Apr 15 2024 meissner@suse.com
- updated to 2.2.4 (jsc#SLE-23879)
  * Bug Fixes
  * Fixes for GHSA-88jx-383q-w4qc and GHSA-95pr-fxf5-86gv (#3661)
  - CVE-2024-29902: Malicious attachments can cause system-wide denial of service (bsc#1222835)
  - CVE-2024-29903: Malicious artifacts can cause machine-wide denial of service (bsc#1222837)
  * ErrNoSignaturesFound should be used when there is no signature attached to an image. (#3526)
  * fix semgrep issues for dgryski.semgrep-go ruleset (#3541)
  * Honor creation timestamp for signatures again (#3549)
  * Features
  * Adds Support for Fulcio Client Credentials Flow, and Argument to Set Flow Explicitly (#3578)
  * Documentation
  * add oci bundle spec (#3622)
  * Correct help text of triangulate cmd (#3551)
  * Correct help text of verify-attestation policy argument (#3527)
  * feat: add OVHcloud MPR registry tested with cosign (#3639)