import libtasn1-4.16.0-8.el9_1

SOURCES/libtasn1-4.19-CVE-2021-46848.patch

@@ -0,0 +1,11 @@
+--- a/lib/int.h	2022-11-30 14:21:26.985600761 -0500
++++ b/lib/int.h	2022-11-30 14:23:25.856065950 -0500
+@@ -97,7 +97,7 @@
+ #define ETYPE_TAG(etype) (_asn1_tags[etype].tag)
+ #define ETYPE_CLASS(etype) (_asn1_tags[etype].class)
+ #define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \
+-                          (etype) <= _asn1_tags_size && \
++                          (etype) < _asn1_tags_size && \
+                           _asn1_tags[(etype)].desc != NULL)?1:0)
+ 
+ #define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \

SPECS/libtasn1.spec

@@ -1,7 +1,7 @@
 Summary:	The ASN.1 library used in GNUTLS
 Name:		libtasn1
 Version:	4.16.0
-Release:	7%{?dist}
+Release:	8%{?dist}
 
 # The libtasn1 library is LGPLv2+, utilities are GPLv3+
 License:	GPLv3+ and LGPLv2+
@@ -11,6 +11,7 @@ Source1:	http://ftp.gnu.org/gnu/libtasn1/%name-%version.tar.gz.sig
 Source2:	gpgkey-1F42418905D8206AA754CCDC29EE58B996865171.gpg
 Patch1:		libtasn1-3.4-rpath.patch
 Patch200:	libtasn1-4.16-coverity.patch
+Patch300:	libtasn1-4.19-CVE-2021-46848.patch
 
 BuildRequires:	gnupg2
 BuildRequires:	gcc
@@ -57,6 +58,7 @@ gpgv2 --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
 
 %patch1 -p1 -b .rpath
 %patch200 -p1 -b .coverity
+%patch300 -p1 -b .CVE-2021-46848
 
 %build
 autoreconf -v -f --install
@@ -95,6 +97,9 @@ make check
 
 
 %changelog
+* Wed Nov 30 2022 Simo Sorce <simo@redhat.com> - 4.16.0-9
+- Resolves: rhbz#2140602
+
 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 4.16.0-7
 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
   Related: rhbz#1991688