diff --git a/libtasn1-4.13.tar.gz b/libtasn1-4.13.tar.gz deleted file mode 100644 index ab443c5..0000000 --- a/libtasn1-4.13.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7e528e8c317ddd156230c4e31d082cd13e7ddeb7a54824be82632209550c8cca -size 1891703 diff --git a/libtasn1-4.13.tar.gz.sig b/libtasn1-4.13.tar.gz.sig deleted file mode 100644 index 006d806..0000000 --- a/libtasn1-4.13.tar.gz.sig +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCAAdFiEEqBLL/fzcTQvnoJMSnV6q9pATuEIFAlpeOtEACgkQnV6q9pAT -uEIWNAf/YnmT4u3ShAfhUKE4sIap+8ivG5AxCPw1Rwgwc8qcS2VKOVeiwYTWmt9t -g5CDrVu27DTPbCkdS7sTKrHQT3Pjc2DRJWHJbaHr5J717sNp50XWWXjNyZGrmyN4 -ais1d7no0GMXRsR6SUOFi+M52Q/vWhhYz4gaDAV9XSOqbJ6MPiw4BhjqyVSQ4lwD -Lfn4upk+1JFjzCpVft7iXrx1P4RXvFJC1sBYpUJAbdm9y0rO5jGiY7EHokDNq1rT -71hBWUclo37GsJnF65CRD1Mb5/wdZxm2wvEL/SFlHKqnY/uB3y4u7il91fi9zrwY -mDmVimu7E563pqum16000pybZIEmFw== -=LTAv ------END PGP SIGNATURE----- diff --git a/libtasn1-4.14.tar.gz b/libtasn1-4.14.tar.gz new file mode 100644 index 0000000..f52713f --- /dev/null +++ b/libtasn1-4.14.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9e604ba5c5c8ea403487695c2e407405820d98540d9de884d6e844f9a9c5ba08 +size 1771184 diff --git a/libtasn1-4.14.tar.gz.sig b/libtasn1-4.14.tar.gz.sig new file mode 100644 index 0000000..be89069 --- /dev/null +++ b/libtasn1-4.14.tar.gz.sig @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCAAdFiEEWfu1XKfzqKsMUDdz2BxIh/FnmmUFAl03SokACgkQ2BxIh/Fn +mmWqpAgAoeGWiRn/Gp3kcxH5igYSbVPIK2ovLWrN4++zzrkrhNylMQeh/l/nVIjx +Wk2aZ3wka0jCez7lAjIUV3FrjczMqunK4wopG4SKKw3K8OSScOaYZIkONFE45HmY +xyYJnq5ePviy8oYfBczNSmyDqDeH1WQ5W/tpezlk9nbmEGqGT2Ic+DO2MeTzj0G+ +Z9s7pvyUAxRe0Rz0XJWQpSgyU+3nwppqasE1t+S7H/aNlFIBFCMfqET1n5hQAh/p +qRKBzOSLzn/DdDGthZRCIDEhgPBz0tJ+WKmXgyilEXOjYcSc1pH4PdsboS759KIK +zi07IvoeLbfwVVyFEpQ/QxkRwRBoBg== +=+Jqp +-----END PGP SIGNATURE----- diff --git a/libtasn1-object-id-recursion.patch b/libtasn1-object-id-recursion.patch deleted file mode 100644 index 58459b8..0000000 --- a/libtasn1-object-id-recursion.patch +++ /dev/null @@ -1,122 +0,0 @@ -From 9c40f7796c9d33179b602f65f4b587d175fba23c Mon Sep 17 00:00:00 2001 -From: Mike Gorse -Date: Thu, 11 Apr 2019 11:14:58 -0500 -Subject: [PATCH 1/2] _asn1_expand_object_id: Limit recursion - -Resolves #4 ---- - lib/parser_aux.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/lib/parser_aux.c b/lib/parser_aux.c -index 786ea64..08c2167 100644 ---- a/lib/parser_aux.c -+++ b/lib/parser_aux.c -@@ -675,7 +675,7 @@ _asn1_expand_object_id (asn1_node node) - { - asn1_node p, p2, p3, p4, p5; - char name_root[ASN1_MAX_NAME_SIZE], name2[2 * ASN1_MAX_NAME_SIZE + 1]; -- int move, tlen; -+ int move, tlen, tries; - - if (node == NULL) - return ASN1_ELEMENT_NOT_FOUND; -@@ -684,6 +684,7 @@ _asn1_expand_object_id (asn1_node node) - - p = node; - move = DOWN; -+ tries = 0; - - while (!((p == node) && (move == UP))) - { -@@ -738,7 +739,9 @@ _asn1_expand_object_id (asn1_node node) - p4 = p4->right; - } - move = DOWN; -- continue; -+ tries++; -+ if (tries < 3) -+ continue; - } - } - } -@@ -747,6 +750,7 @@ _asn1_expand_object_id (asn1_node node) - else - move = RIGHT; - -+ tries = 0; - if (move == DOWN) - { - if (p->down) --- -From 57d6bc19d44b0693023031c6dbc0d21a36550f34 Mon Sep 17 00:00:00 2001 -From: Mike Gorse -Date: Thu, 25 Apr 2019 16:40:18 -0500 -Subject: [PATCH 2/2] Add reproducer for issues/4 to Test_tree.asn - ---- - tests/Test_tree.asn | 9 +++++++++ - tests/Test_tree_asn1_tab.c | 13 +++++++++++-- - 2 files changed, 20 insertions(+), 2 deletions(-) - -diff --git a/tests/Test_tree.asn b/tests/Test_tree.asn -index 0ad0dc5..a253bc8 100644 ---- a/tests/Test_tree.asn -+++ b/tests/Test_tree.asn -@@ -154,6 +154,15 @@ X520LocalityName ::= CHOICE { - bmpString BMPString } - - -+id-xnyTest OBJECT IDENTIFIER ::= {id-ix 29 1} -+id-ix OBJECR ::= {id-ix 29 2} -+BMPString ::= OCTET S -+} -+UniversalString : BY id O} -+id-ix OBJECT IDENTIFIER ::= {2 5} -+id-xnyTest OBJECT IDENTIFIER ::= {id-ix 29 1} -+anyTest2 ::= INTEGER -+ - id-Test OBJECT IDENTIFIER ::= {1 2 29 2} - - END -diff --git a/tests/Test_tree_asn1_tab.c b/tests/Test_tree_asn1_tab.c -index 7869f85..0f211c8 100644 ---- a/tests/Test_tree_asn1_tab.c -+++ b/tests/Test_tree_asn1_tab.c -@@ -68,7 +68,7 @@ const asn1_static_node Test_tree_asn1_tab[] = { - { "set", 1610612751, NULL }, - { NULL, 3, NULL }, - { "oid", 1073741836, NULL }, -- { "time2", 1082130449, NULL }, -+ { "time2", 1073741861, NULL }, - { "bol", 1073741828, NULL }, - { "oct", 1073741831, NULL }, - { "bit", 1073758214, NULL }, -@@ -81,7 +81,7 @@ const asn1_static_node Test_tree_asn1_tab[] = { - { "any", 1610637325, NULL }, - { NULL, 4104, "1"}, - { "gen", 1073758235, NULL }, -- { "time1", 16777233, NULL }, -+ { "time1", 36, NULL }, - { "SequenceTestTag", 1610612741, NULL }, - { "int1", 1610620931, NULL }, - { NULL, 2056, "2"}, -@@ -160,6 +160,15 @@ const asn1_static_node Test_tree_asn1_tab[] = { - { "universalString", 1073741856, NULL }, - { "utf8String", 1073741858, NULL }, - { "bmpString", 33, NULL }, -+ { "id-xnyTest", 1879048204, NULL }, -+ { NULL, 1073741825, "id-ix"}, -+ { NULL, 1073741825, "29"}, -+ { NULL, 1, "1"}, -+ { "id-ix", 1880096780, "OBJECR"}, -+ { NULL, 1073741825, "id-ix"}, -+ { NULL, 1073741825, "29"}, -+ { NULL, 1, "2"}, -+ { "BMPString", 1073741827, NULL }, - { "id-Test", 805306380, NULL }, - { NULL, 1073741825, "1"}, - { NULL, 1073741825, "2"}, --- -2.20.1 - diff --git a/libtasn1.changes b/libtasn1.changes index ddc900c..0e41747 100644 --- a/libtasn1.changes +++ b/libtasn1.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Wed Jul 31 20:15:25 UTC 2019 - Andreas Stieger + +- libtasn1 4.14: + * New #defines for version checking + * other developer visible changes +- drop libtasn1-object-id-recursion.patch, incorporating the + upstream fix for boo#1105435 CVE-2018-1000654 + ------------------------------------------------------------------- Mon Apr 29 16:13:16 UTC 2019 - mgorse@suse.com diff --git a/libtasn1.spec b/libtasn1.spec index 448c814..0cfaaca 100644 --- a/libtasn1.spec +++ b/libtasn1.spec @@ -18,24 +18,21 @@ %define somajor 6 Name: libtasn1 -Version: 4.13 +Version: 4.14 Release: 0 Summary: ASN.1 parsing library License: LGPL-2.1-or-later AND GPL-3.0-only Group: Productivity/Networking/Security -Url: https://www.gnu.org/software/libtasn1/ +URL: https://www.gnu.org/software/libtasn1/ Source0: http://ftp.gnu.org/gnu/libtasn1/%{name}-%{version}.tar.gz Source1: ftp://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.gz.sig # http://josefsson.org/key.txt Source2: %{name}.keyring Source99: baselibs.conf -# PATCH-FIX-UPSTREAM libtasn1-object-id-recursion.patch boo#1105435 mgorse@suse.com -- limit recursion in _asn1_expand_object_id. -Patch0: libtasn1-object-id-recursion.patch BuildRequires: info BuildRequires: pkgconfig Requires(post): %{install_info_prereq} Requires(preun): %{install_info_prereq} -BuildRoot: %{_tmppath}/%{name}-%{version}-build %description This is the ASN.1 library used by GNUTLS. More up to date information @@ -64,7 +61,6 @@ http://www.gnutls.org %prep %setup -q -%patch0 -p1 %build %configure --disable-static @@ -87,22 +83,21 @@ make %{?_smp_mflags} check %postun -n libtasn1-%{somajor} -p /sbin/ldconfig %files -%defattr(-, root, root) -%license COPYING.LIB -%doc NEWS README THANKS +%license doc/COPYING* +%doc NEWS README.md THANKS %{_bindir}/* -%{_mandir}/man1/*.1%{ext_man} -%{_infodir}/*.info%{ext_info} +%{_mandir}/man1/*.1%{?ext_man} +%{_infodir}/*.info%{?ext_info} %files -n libtasn1-%{somajor} -%defattr(-, root, root) +%license doc/COPYING* %{_libdir}/*.so.%{somajor}* %files devel -%defattr(-, root, root) +%license doc/COPYING* %{_includedir}/*.h %{_libdir}/*.so %{_libdir}/pkgconfig/libtasn1.pc -%{_mandir}/man3/*.3%{ext_man} +%{_mandir}/man3/*.3%{?ext_man} %changelog