- bundled pyasn1: fix CVE-2026-23490

Resolves: RHEL-142460
This commit is contained in:
Oyvind Albrigtsen 2026-01-27 11:41:38 +01:00
parent 7e31dc04f6
commit f2c0e1bc19
2 changed files with 64 additions and 1 deletions

View File

@ -0,0 +1,57 @@
--- a/google/pyasn1/codec/ber/decoder.py 2019-10-17 07:00:19.000000000 +0200
+++ b/google/pyasn1/codec/ber/decoder.py 2026-01-27 10:43:12.757563432 +0100
@@ -22,6 +22,10 @@
noValue = base.noValue
+# Maximum number of continuation octets (high-bit set) allowed per OID arc.
+# 20 octets allows up to 140-bit integers, supporting UUID-based OIDs
+MAX_OID_ARC_CONTINUATION_OCTETS = 20
+
class AbstractDecoder(object):
protoComponent = None
@@ -342,7 +346,14 @@
# Construct subid from a number of octets
nextSubId = subId
subId = 0
+ continuationOctetCount = 0
while nextSubId >= 128:
+ continuationOctetCount += 1
+ if continuationOctetCount > MAX_OID_ARC_CONTINUATION_OCTETS:
+ raise error.PyAsn1Error(
+ 'OID arc exceeds maximum continuation octets limit (%d) '
+ 'at position %d' % (MAX_OID_ARC_CONTINUATION_OCTETS, index)
+ )
subId = (subId << 7) + (nextSubId & 0x7F)
if index >= substrateLen:
raise error.SubstrateUnderrunError(
--- a/kubevirt/pyasn1/codec/ber/decoder.py 2019-10-17 07:00:19.000000000 +0200
+++ b/kubevirt/pyasn1/codec/ber/decoder.py 2026-01-27 10:43:12.757563432 +0100
@@ -22,6 +22,10 @@
noValue = base.noValue
+# Maximum number of continuation octets (high-bit set) allowed per OID arc.
+# 20 octets allows up to 140-bit integers, supporting UUID-based OIDs
+MAX_OID_ARC_CONTINUATION_OCTETS = 20
+
class AbstractDecoder(object):
protoComponent = None
@@ -342,7 +346,14 @@
# Construct subid from a number of octets
nextSubId = subId
subId = 0
+ continuationOctetCount = 0
while nextSubId >= 128:
+ continuationOctetCount += 1
+ if continuationOctetCount > MAX_OID_ARC_CONTINUATION_OCTETS:
+ raise error.PyAsn1Error(
+ 'OID arc exceeds maximum continuation octets limit (%d) '
+ 'at position %d' % (MAX_OID_ARC_CONTINUATION_OCTETS, index)
+ )
subId = (subId << 7) + (nextSubId & 0x7F)
if index >= substrateLen:
raise error.SubstrateUnderrunError(

View File

@ -57,7 +57,7 @@
Name: fence-agents
Summary: Set of unified programs capable of host isolation ("fencing")
Version: 4.10.0
Release: 105%{?alphatag:.%{alphatag}}%{?dist}
Release: 106%{?alphatag:.%{alphatag}}%{?dist}
License: GPLv2+ and LGPLv2+
URL: https://github.com/ClusterLabs/fence-agents
Source0: https://fedorahosted.org/releases/f/e/fence-agents/%{name}-%{version}.tar.gz
@ -268,6 +268,7 @@ Patch2002: RHEL-95901-pkg_resources-suppress-UserWarning.patch
Patch2003: RHEL-136069-fix-bundled-urllib3-CVE-2025-66418.patch
Patch2004: RHEL-139799-fix-bundled-urllib3-CVE-2025-66471.patch
Patch2005: RHEL-140796-fix-bundled-urllib3-CVE-2026-21441.patch
Patch2006: RHEL-142460-fix-bundled-pyasn1-CVE-2026-23490.patch
%global supportedagents amt_ws apc apc_snmp bladecenter brocade cisco_mds cisco_ucs compute drac5 eaton_snmp emerson eps evacuate hpblade ibmblade ibm_powervs ibm_vpc ifmib ilo ilo_moonshot ilo_mp ilo_ssh intelmodular ipdu ipmilan kdump kubevirt lpar mpath nutanix_ahv redfish rhevm rsa rsb sbd scsi vmware_rest vmware_soap wti
%ifarch x86_64
@ -520,6 +521,7 @@ pushd support
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2003}
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2004}
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2005}
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2006}
%endif
popd
@ -1580,6 +1582,10 @@ are located on corosync cluster nodes.
%endif
%changelog
* Tue Jan 27 2026 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-106
- bundled pyasn1: fix CVE-2026-23490
Resolves: RHEL-142460
* Tue Jan 20 2026 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-105
- bundled urllib3: fix CVE-2025-66471
- bundled urllib3: fix CVE-2026-21441