!24 【Mainline】Update to 4.19.0

From: @yixiangzhike 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee

backport-CVE-2021-46848-Fix-ETYPE_OK-off-by-one-array-size-check-Closes-32.patch

@@ -1,29 +0,0 @@
-From 44a700d2051a666235748970c2df047ff207aeb5 Mon Sep 17 00:00:00 2001
-From: Simon Josefsson <simon@josefsson.org>
-Date: Wed, 17 Aug 2022 12:25:06 +0200
-Subject: [PATCH] Fix ETYPE_OK off by one array size check.  Closes: #32.
-
-Reported by David Trabish in
-<https://gitlab.com/gnutls/libtasn1/-/issues/32>.
-
-Signed-off-by: Simon Josefsson <simon@josefsson.org>
----
- lib/int.h | 2 +-
- 1 files changed, 1 insertions(+), 1 deletion(-)
-
-diff --git a/lib/int.h b/lib/int.h
-index 488c118..d94d51c 100644
---- a/lib/int.h
-+++ b/lib/int.h
-@@ -97,7 +97,7 @@ typedef struct tag_and_class_st
- #define ETYPE_TAG(etype) (_asn1_tags[etype].tag)
- #define ETYPE_CLASS(etype) (_asn1_tags[etype].class)
- #define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \
--                          (etype) <= _asn1_tags_size && \
-+                          (etype) < _asn1_tags_size && \
-                           _asn1_tags[(etype)].desc != NULL)?1:0)
- 
- #define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \
--- 
-2.27.0
-

fix-memleaks-in-asn1-arrat2tree.patch

@@ -5,24 +5,24 @@ Subject: [PATCH] fix memleaks in asn1 arrat2tree
 
 ---
  lib/parser_aux.c |  2 +-
- lib/structure.c  | 20 +++++++++----
+ lib/structure.c  | 20 ++++++++++++++------
  2 files changed, 15 insertions(+), 7 deletions(-)
 
 diff --git a/lib/parser_aux.c b/lib/parser_aux.c
-index d5dbbf8..071f1be 100644
+index c05bd23..e5e4cc3 100644
 --- a/lib/parser_aux.c
 +++ b/lib/parser_aux.c
-@@ -767,7 +767,7 @@ _asn1_expand_object_id (list_type **list, asn1_node node)
+@@ -766,7 +766,7 @@ _asn1_expand_object_id (list_type ** list, asn1_node node)
  			return ASN1_ELEMENT_NOT_FOUND;
  
  		      _asn1_set_down (p, p2->right);
 -		      if (p2->down)
 +		      while (p2->down)
  			_asn1_delete_structure (*list, &p2->down, 0);
- 		      _asn1_delete_node_from_list(*list, p2);
+ 		      _asn1_delete_node_from_list (*list, p2);
  		      _asn1_remove_node (p2, 0);
 diff --git a/lib/structure.c b/lib/structure.c
-index 8189c56..6dfba58 100644
+index 512dd60..13f02ba 100644
 --- a/lib/structure.c
 +++ b/lib/structure.c
 @@ -207,13 +207,13 @@ asn1_array2tree (const asn1_static_node * array, asn1_node * definitions,
@@ -41,8 +41,8 @@ index 8189c56..6dfba58 100644
  	    _asn1_delete_structure (e_list, &p_last->right, 0);
  	  _asn1_set_right (p_last, p);
  	}
-@@ -317,7 +317,7 @@ int
- _asn1_delete_structure (list_type *e_list, asn1_node * structure, unsigned int flags)
+@@ -318,7 +318,7 @@ _asn1_delete_structure (list_type * e_list, asn1_node * structure,
+ 			unsigned int flags)
  {
    asn1_node p, p2, p3;
 -
@@ -50,7 +50,7 @@ index 8189c56..6dfba58 100644
    if (*structure == NULL)
      return ASN1_ELEMENT_NOT_FOUND;
  
-@@ -347,7 +347,11 @@ _asn1_delete_structure (list_type *e_list, asn1_node * structure, unsigned int f
+@@ -348,7 +348,11 @@ _asn1_delete_structure (list_type * e_list, asn1_node * structure,
  		{
  		  p3 = _asn1_find_up (p);
  		  if (p3)
@@ -62,7 +62,7 @@ index 8189c56..6dfba58 100644
  		  else
  		    {
  		      if (p->right)
-@@ -355,15 +359,19 @@ _asn1_delete_structure (list_type *e_list, asn1_node * structure, unsigned int f
+@@ -356,15 +360,19 @@ _asn1_delete_structure (list_type * e_list, asn1_node * structure,
  		    }
  		}
  	      else
@@ -86,5 +86,5 @@ index 8189c56..6dfba58 100644
    return ASN1_SUCCESS;
  }
 -- 
-1.8.3.1
+2.27.0
 

libtasn1-4.17.0.tar.gz.sig

@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQEzBAABCgAdFiEEmUFc4ZBdDlWp+IAmhgt/uzL4EZ0FAmCdXhAACgkQhgt/uzL4
-EZ2U2wgApO/SsHff0JLFuYsEobTeMF5mCusi13JMjovJPYOLjgi6fYP0JnMWX66y
-DG22L+lJmC1C9VOI4RViVm4EEGmtwCw1NAT4COjdFUwjPgbNqiesxGMpeneFPGyV
-FR3riRvjLgc5JqmnZ+Loy/ON6Ex5Enx9RJr4ezDGi6c1eQzTd3hsJU2TnZJAdiLk
-2mb0ZILNuZoJGrctxIEqiDMKGBqDAgZC9XD8J4ggwtBOQwH58/LSxA6yi87E7oLH
-OQqJwh8IgSKVQ0FQfZU+4RmMREr08W/x74ybAUYzUrBn4cL3nJ2WcSo0POPNkQ8e
-C+bk31OLvPezCgbV2s1nZRNWk/Th4w==
-=ocLC
------END PGP SIGNATURE-----

libtasn1-4.19.0.tar.gz.sig

@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+
+iHUEABYIAB0WIQSjzJyHC50xCrrUzy9RcisI/kdFogUCYwUS9wAKCRBRcisI/kdF
+ouWTAP95jlnitHZ2gCNZgtei9tEjdUVVL8CsFbQnvogFVUvieQD/XzHxaRGluLTh
+DuHAJzrPScJUtPGImSUsoqcgozUv4w8=
+=zX4n
+-----END PGP SIGNATURE-----

libtasn1.spec

@@ -1,7 +1,7 @@
 Summary:	Libtasn1 is a ASN.1 parsing library
 Name:		libtasn1
-Version:	4.17.0
-Release:	3
+Version:	4.19.0
+Release:	1
 
 # The libtasn1 library is LGPLv2+, utilities are GPLv3+
 License:	GPLv3+ and LGPLv2+
@@ -10,7 +10,6 @@ Source0:	http://ftp.gnu.org/gnu/libtasn1/%{name}-%{version}.tar.gz
 Source1:	http://ftp.gnu.org/gnu/libtasn1/%{name}-%{version}.tar.gz.sig
 
 Patch0:         fix-memleaks-in-asn1-arrat2tree.patch
-Patch1:         backport-CVE-2021-46848-Fix-ETYPE_OK-off-by-one-array-size-check-Closes-32.patch
 
 BuildRequires:	gcc, autoconf, automake, libtool, gnupg2, bison, pkgconfig, help2man
 # when autoconf >= 2.71, the command autoreconf need gtk-doc package
@@ -80,12 +79,15 @@ test "$1" = 0 -a -f %_infodir/%name.info.gz && \
 %{_includedir}/*
 
 %files help
-%doc doc/TODO doc/*.pdf
+%doc doc/TODO
 %{_mandir}/man1/asn1*
 %{_mandir}/man3/*asn1*
 %{_infodir}/*.info.*
 
 %changelog
+* Thu Jul 13 2023 yixiangzhike <yixiangzhike007@163.com> - 4.19.0-1
+- update to 4.19.0
+
 * Tue Oct 25 2022 yixiangzhike <yixiangzhike007@163.com> - 4.17.0-3
 - fix CVE-2021-46848