Accepting request 720110 from home:AndreasStieger:branches:security:tls

libtasn1 4.14m with upstream fix for boo#1105435 CVE-2018-1000654 OBS-URL: https://build.opensuse.org/request/show/720110 OBS-URL: https://build.opensuse.org/package/show/security:tls/libtasn1?expand=0&rev=4
2019-08-01 05:59:22 +00:00 · 2019-08-01 05:59:22 +00:00 · 91eba75516
commit 91eba75516
parent 71f51d18f8
7 changed files with 32 additions and 150 deletions
--- a/libtasn1-4.13.tar.gz
+++ b/libtasn1-4.13.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7e528e8c317ddd156230c4e31d082cd13e7ddeb7a54824be82632209550c8cca
-size 1891703
--- a/libtasn1-4.13.tar.gz.sig
+++ b/libtasn1-4.13.tar.gz.sig
@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQEzBAABCAAdFiEEqBLL/fzcTQvnoJMSnV6q9pATuEIFAlpeOtEACgkQnV6q9pAT
-uEIWNAf/YnmT4u3ShAfhUKE4sIap+8ivG5AxCPw1Rwgwc8qcS2VKOVeiwYTWmt9t
-g5CDrVu27DTPbCkdS7sTKrHQT3Pjc2DRJWHJbaHr5J717sNp50XWWXjNyZGrmyN4
-ais1d7no0GMXRsR6SUOFi+M52Q/vWhhYz4gaDAV9XSOqbJ6MPiw4BhjqyVSQ4lwD
-Lfn4upk+1JFjzCpVft7iXrx1P4RXvFJC1sBYpUJAbdm9y0rO5jGiY7EHokDNq1rT
-71hBWUclo37GsJnF65CRD1Mb5/wdZxm2wvEL/SFlHKqnY/uB3y4u7il91fi9zrwY
-mDmVimu7E563pqum16000pybZIEmFw==
-=LTAv
-----END PGP SIGNATURE-----
--- a/libtasn1-4.14.tar.gz
+++ b/libtasn1-4.14.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9e604ba5c5c8ea403487695c2e407405820d98540d9de884d6e844f9a9c5ba08
+size 1771184
--- a/libtasn1-4.14.tar.gz.sig
+++ b/libtasn1-4.14.tar.gz.sig
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCAAdFiEEWfu1XKfzqKsMUDdz2BxIh/FnmmUFAl03SokACgkQ2BxIh/Fn
+mmWqpAgAoeGWiRn/Gp3kcxH5igYSbVPIK2ovLWrN4++zzrkrhNylMQeh/l/nVIjx
+Wk2aZ3wka0jCez7lAjIUV3FrjczMqunK4wopG4SKKw3K8OSScOaYZIkONFE45HmY
+xyYJnq5ePviy8oYfBczNSmyDqDeH1WQ5W/tpezlk9nbmEGqGT2Ic+DO2MeTzj0G+
+Z9s7pvyUAxRe0Rz0XJWQpSgyU+3nwppqasE1t+S7H/aNlFIBFCMfqET1n5hQAh/p
+qRKBzOSLzn/DdDGthZRCIDEhgPBz0tJ+WKmXgyilEXOjYcSc1pH4PdsboS759KIK
+zi07IvoeLbfwVVyFEpQ/QxkRwRBoBg==
+=+Jqp
+-----END PGP SIGNATURE-----
--- a/libtasn1-object-id-recursion.patch
+++ b/libtasn1-object-id-recursion.patch
@ -1,122 +0,0 @@
-From 9c40f7796c9d33179b602f65f4b587d175fba23c Mon Sep 17 00:00:00 2001
-From: Mike Gorse <mgorse@alum.wpi.edu>
-Date: Thu, 11 Apr 2019 11:14:58 -0500
-Subject: [PATCH 1/2] _asn1_expand_object_id: Limit recursion
-
-Resolves #4
---
- lib/parser_aux.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/lib/parser_aux.c b/lib/parser_aux.c
-index 786ea64..08c2167 100644
--- a/lib/parser_aux.c
-+++ b/lib/parser_aux.c
-@@ -675,7 +675,7 @@ _asn1_expand_object_id (asn1_node node)
- {
-   asn1_node p, p2, p3, p4, p5;
-   char name_root[ASN1_MAX_NAME_SIZE], name2[2 * ASN1_MAX_NAME_SIZE + 1];
-  int move, tlen;
-+  int move, tlen, tries;
- 
-   if (node == NULL)
-     return ASN1_ELEMENT_NOT_FOUND;
-@@ -684,6 +684,7 @@ _asn1_expand_object_id (asn1_node node)
- 
-   p = node;
-   move = DOWN;
-+  tries = 0;
- 
-   while (!((p == node) && (move == UP)))
-     {
-@@ -738,7 +739,9 @@ _asn1_expand_object_id (asn1_node node)
- 			  p4 = p4->right;
- 			}
- 		      move = DOWN;
-		      continue;
-+		      tries++;
-+                      if (tries < 3)
-+		        continue;
- 		    }
- 		}
- 	    }
-@@ -747,6 +750,7 @@ _asn1_expand_object_id (asn1_node node)
-       else
- 	move = RIGHT;
- 
-+      tries = 0;
-       if (move == DOWN)
- 	{
- 	  if (p->down)
-- 
-From 57d6bc19d44b0693023031c6dbc0d21a36550f34 Mon Sep 17 00:00:00 2001
-From: Mike Gorse <mgorse@alum.wpi.edu>
-Date: Thu, 25 Apr 2019 16:40:18 -0500
-Subject: [PATCH 2/2] Add reproducer for issues/4 to Test_tree.asn
-
---
- tests/Test_tree.asn        |  9 +++++++++
- tests/Test_tree_asn1_tab.c | 13 +++++++++++--
- 2 files changed, 20 insertions(+), 2 deletions(-)
-
-diff --git a/tests/Test_tree.asn b/tests/Test_tree.asn
-index 0ad0dc5..a253bc8 100644
--- a/tests/Test_tree.asn
-+++ b/tests/Test_tree.asn
-@@ -154,6 +154,15 @@ X520LocalityName ::= CHOICE {
-       bmpString           BMPString    }
- 
- 
-+id-xnyTest OBJECT IDENTIFIER  ::=  {id-ix 29 1}
-+id-ix OBJECR  ::=  {id-ix 29 2}
-+BMPString ::= OCTET S
-+}
-+UniversalString : BY id O}
-+id-ix OBJECT IDENTIFIER  ::=  {2 5}
-+id-xnyTest OBJECT IDENTIFIER  ::=  {id-ix 29 1}
-+anyTest2  ::= INTEGER
-+
- id-Test OBJECT IDENTIFIER  ::=  {1 2 29 2}
- 
- END
-diff --git a/tests/Test_tree_asn1_tab.c b/tests/Test_tree_asn1_tab.c
-index 7869f85..0f211c8 100644
--- a/tests/Test_tree_asn1_tab.c
-+++ b/tests/Test_tree_asn1_tab.c
-@@ -68,7 +68,7 @@ const asn1_static_node Test_tree_asn1_tab[] = {
-   { "set", 1610612751, NULL },
-   { NULL, 3, NULL },
-   { "oid", 1073741836, NULL },
-  { "time2", 1082130449, NULL },
-+  { "time2", 1073741861, NULL },
-   { "bol", 1073741828, NULL },
-   { "oct", 1073741831, NULL },
-   { "bit", 1073758214, NULL },
-@@ -81,7 +81,7 @@ const asn1_static_node Test_tree_asn1_tab[] = {
-   { "any", 1610637325, NULL },
-   { NULL, 4104, "1"},
-   { "gen", 1073758235, NULL },
-  { "time1", 16777233, NULL },
-+  { "time1", 36, NULL },
-   { "SequenceTestTag", 1610612741, NULL },
-   { "int1", 1610620931, NULL },
-   { NULL, 2056, "2"},
-@@ -160,6 +160,15 @@ const asn1_static_node Test_tree_asn1_tab[] = {
-   { "universalString", 1073741856, NULL },
-   { "utf8String", 1073741858, NULL },
-   { "bmpString", 33, NULL },
-+  { "id-xnyTest", 1879048204, NULL },
-+  { NULL, 1073741825, "id-ix"},
-+  { NULL, 1073741825, "29"},
-+  { NULL, 1, "1"},
-+  { "id-ix", 1880096780, "OBJECR"},
-+  { NULL, 1073741825, "id-ix"},
-+  { NULL, 1073741825, "29"},
-+  { NULL, 1, "2"},
-+  { "BMPString", 1073741827, NULL },
-   { "id-Test", 805306380, NULL },
-   { NULL, 1073741825, "1"},
-   { NULL, 1073741825, "2"},
-- 
-2.20.1
-
--- a/libtasn1.changes
+++ b/libtasn1.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Wed Jul 31 20:15:25 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- libtasn1 4.14:
+  * New #defines for version checking
+  * other developer visible changes
+- drop libtasn1-object-id-recursion.patch, incorporating the
+  upstream fix for boo#1105435 CVE-2018-1000654
+
 -------------------------------------------------------------------
 Mon Apr 29 16:13:16 UTC 2019 - mgorse@suse.com

--- a/libtasn1.spec
+++ b/libtasn1.spec
@ -18,24 +18,21 @@

 %define somajor 6
 Name:           libtasn1
-Version:        4.13
+Version:        4.14
 Release:        0
 Summary:        ASN.1 parsing library
 License:        LGPL-2.1-or-later AND GPL-3.0-only
 Group:          Productivity/Networking/Security
-Url:            https://www.gnu.org/software/libtasn1/
+URL:            https://www.gnu.org/software/libtasn1/
 Source0:        http://ftp.gnu.org/gnu/libtasn1/%{name}-%{version}.tar.gz
 Source1:        ftp://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.gz.sig
 # http://josefsson.org/key.txt
 Source2:        %{name}.keyring
 Source99:       baselibs.conf
-# PATCH-FIX-UPSTREAM libtasn1-object-id-recursion.patch boo#1105435 mgorse@suse.com -- limit recursion in _asn1_expand_object_id.
-Patch0:         libtasn1-object-id-recursion.patch
 BuildRequires:  info
 BuildRequires:  pkgconfig
 Requires(post): %{install_info_prereq}
 Requires(preun): %{install_info_prereq}
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build

 %description
 This is the ASN.1 library used by GNUTLS. More up to date information
@ -64,7 +61,6 @@ http://www.gnutls.org

 %prep
 %setup -q
-%patch0 -p1

 %build
 %configure --disable-static
@ -87,22 +83,21 @@ make %{?_smp_mflags} check
 %postun -n libtasn1-%{somajor} -p /sbin/ldconfig

 %files
-%defattr(-, root, root)
-%license COPYING.LIB
-%doc NEWS README THANKS
+%license doc/COPYING*
+%doc NEWS README.md THANKS
 %{_bindir}/*
-%{_mandir}/man1/*.1%{ext_man}
-%{_infodir}/*.info%{ext_info}
+%{_mandir}/man1/*.1%{?ext_man}
+%{_infodir}/*.info%{?ext_info}

 %files -n libtasn1-%{somajor}
-%defattr(-, root, root)
+%license doc/COPYING*
 %{_libdir}/*.so.%{somajor}*

 %files devel
-%defattr(-, root, root)
+%license doc/COPYING*
 %{_includedir}/*.h
 %{_libdir}/*.so
 %{_libdir}/pkgconfig/libtasn1.pc
-%{_mandir}/man3/*.3%{ext_man}
+%{_mandir}/man3/*.3%{?ext_man}

 %changelog