diff --git a/RHEL-142460-fix-bundled-pyasn1-CVE-2026-23490.patch b/RHEL-142460-fix-bundled-pyasn1-CVE-2026-23490.patch new file mode 100644 index 0000000..a6de378 --- /dev/null +++ b/RHEL-142460-fix-bundled-pyasn1-CVE-2026-23490.patch @@ -0,0 +1,57 @@ +--- a/google/pyasn1/codec/ber/decoder.py 2019-10-17 07:00:19.000000000 +0200 ++++ b/google/pyasn1/codec/ber/decoder.py 2026-01-27 10:43:12.757563432 +0100 +@@ -22,6 +22,10 @@ + + noValue = base.noValue + ++# Maximum number of continuation octets (high-bit set) allowed per OID arc. ++# 20 octets allows up to 140-bit integers, supporting UUID-based OIDs ++MAX_OID_ARC_CONTINUATION_OCTETS = 20 ++ + + class AbstractDecoder(object): + protoComponent = None +@@ -342,7 +346,14 @@ + # Construct subid from a number of octets + nextSubId = subId + subId = 0 ++ continuationOctetCount = 0 + while nextSubId >= 128: ++ continuationOctetCount += 1 ++ if continuationOctetCount > MAX_OID_ARC_CONTINUATION_OCTETS: ++ raise error.PyAsn1Error( ++ 'OID arc exceeds maximum continuation octets limit (%d) ' ++ 'at position %d' % (MAX_OID_ARC_CONTINUATION_OCTETS, index) ++ ) + subId = (subId << 7) + (nextSubId & 0x7F) + if index >= substrateLen: + raise error.SubstrateUnderrunError( + +--- a/kubevirt/pyasn1/codec/ber/decoder.py 2019-10-17 07:00:19.000000000 +0200 ++++ b/kubevirt/pyasn1/codec/ber/decoder.py 2026-01-27 10:43:12.757563432 +0100 +@@ -22,6 +22,10 @@ + + noValue = base.noValue + ++# Maximum number of continuation octets (high-bit set) allowed per OID arc. ++# 20 octets allows up to 140-bit integers, supporting UUID-based OIDs ++MAX_OID_ARC_CONTINUATION_OCTETS = 20 ++ + + class AbstractDecoder(object): + protoComponent = None +@@ -342,7 +346,14 @@ + # Construct subid from a number of octets + nextSubId = subId + subId = 0 ++ continuationOctetCount = 0 + while nextSubId >= 128: ++ continuationOctetCount += 1 ++ if continuationOctetCount > MAX_OID_ARC_CONTINUATION_OCTETS: ++ raise error.PyAsn1Error( ++ 'OID arc exceeds maximum continuation octets limit (%d) ' ++ 'at position %d' % (MAX_OID_ARC_CONTINUATION_OCTETS, index) ++ ) + subId = (subId << 7) + (nextSubId & 0x7F) + if index >= substrateLen: + raise error.SubstrateUnderrunError( diff --git a/fence-agents.spec b/fence-agents.spec index 3d3e5ba..8fb6464 100644 --- a/fence-agents.spec +++ b/fence-agents.spec @@ -57,7 +57,7 @@ Name: fence-agents Summary: Set of unified programs capable of host isolation ("fencing") Version: 4.10.0 -Release: 105%{?alphatag:.%{alphatag}}%{?dist} +Release: 106%{?alphatag:.%{alphatag}}%{?dist} License: GPLv2+ and LGPLv2+ URL: https://github.com/ClusterLabs/fence-agents Source0: https://fedorahosted.org/releases/f/e/fence-agents/%{name}-%{version}.tar.gz @@ -268,6 +268,7 @@ Patch2002: RHEL-95901-pkg_resources-suppress-UserWarning.patch Patch2003: RHEL-136069-fix-bundled-urllib3-CVE-2025-66418.patch Patch2004: RHEL-139799-fix-bundled-urllib3-CVE-2025-66471.patch Patch2005: RHEL-140796-fix-bundled-urllib3-CVE-2026-21441.patch +Patch2006: RHEL-142460-fix-bundled-pyasn1-CVE-2026-23490.patch %global supportedagents amt_ws apc apc_snmp bladecenter brocade cisco_mds cisco_ucs compute drac5 eaton_snmp emerson eps evacuate hpblade ibmblade ibm_powervs ibm_vpc ifmib ilo ilo_moonshot ilo_mp ilo_ssh intelmodular ipdu ipmilan kdump kubevirt lpar mpath nutanix_ahv redfish rhevm rsa rsb sbd scsi vmware_rest vmware_soap wti %ifarch x86_64 @@ -520,6 +521,7 @@ pushd support /usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2003} /usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2004} /usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2005} +/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2006} %endif popd @@ -1580,6 +1582,10 @@ are located on corosync cluster nodes. %endif %changelog +* Tue Jan 27 2026 Oyvind Albrigtsen - 4.10.0-106 +- bundled pyasn1: fix CVE-2026-23490 + Resolves: RHEL-142460 + * Tue Jan 20 2026 Oyvind Albrigtsen - 4.10.0-105 - bundled urllib3: fix CVE-2025-66471 - bundled urllib3: fix CVE-2026-21441