Projects
openEuler:Mainline
libtasn1
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 2
View file
_service:tar_scm:libtasn1.spec
Changed
@@ -1,7 +1,7 @@ Summary: Libtasn1 is a ASN.1 parsing library Name: libtasn1 Version: 4.17.0 -Release: 2 +Release: 3 # The libtasn1 library is LGPLv2+, utilities are GPLv3+ License: GPLv3+ and LGPLv2+ @@ -10,6 +10,7 @@ Source1: http://ftp.gnu.org/gnu/libtasn1/%{name}-%{version}.tar.gz.sig Patch0: fix-memleaks-in-asn1-arrat2tree.patch +Patch1: backport-CVE-2021-46848-Fix-ETYPE_OK-off-by-one-array-size-check-Closes-32.patch BuildRequires: gcc, autoconf, automake, libtool, gnupg2, bison, pkgconfig, help2man # when autoconf >= 2.71, the command autoreconf need gtk-doc package @@ -85,6 +86,9 @@ %{_infodir}/*.info.* %changelog +* Tue Oct 25 2022 yixiangzhike <yixiangzhike007@163.com> - 4.17.0-3 +- fix CVE-2021-46848 + * Sat May 28 2022 yixiangzhike <yixiangzhike007@163.com> - 4.17.0-2 - fix fuzz issues
View file
_service:tar_scm:backport-CVE-2021-46848-Fix-ETYPE_OK-off-by-one-array-size-check-Closes-32.patch
Added
@@ -0,0 +1,29 @@ +From 44a700d2051a666235748970c2df047ff207aeb5 Mon Sep 17 00:00:00 2001 +From: Simon Josefsson <simon@josefsson.org> +Date: Wed, 17 Aug 2022 12:25:06 +0200 +Subject: PATCH Fix ETYPE_OK off by one array size check. Closes: #32. + +Reported by David Trabish in +<https://gitlab.com/gnutls/libtasn1/-/issues/32>. + +Signed-off-by: Simon Josefsson <simon@josefsson.org> +--- + lib/int.h | 2 +- + 1 files changed, 1 insertions(+), 1 deletion(-) + +diff --git a/lib/int.h b/lib/int.h +index 488c118..d94d51c 100644 +--- a/lib/int.h ++++ b/lib/int.h +@@ -97,7 +97,7 @@ typedef struct tag_and_class_st + #define ETYPE_TAG(etype) (_asn1_tagsetype.tag) + #define ETYPE_CLASS(etype) (_asn1_tagsetype.class) + #define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \ +- (etype) <= _asn1_tags_size && \ ++ (etype) < _asn1_tags_size && \ + _asn1_tags(etype).desc != NULL)?1:0) + + #define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \ +-- +2.27.0 +
View file
_service
Changed
@@ -2,7 +2,7 @@ <service name="tar_scm"> <param name="scm">git</param> <param name="url">git@gitee.com:src-openeuler/libtasn1.git</param> - <param name="revision">da395be32e71030bb5a1883a79dff871cfdb5605</param> + <param name="revision">master</param> <param name="exclude">*</param> <param name="extract">*</param> </service>
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2