Bug#1140295: trixie-pu: package libtasn1-6/4.20.0-2+deb13u1

Adrian Bunk bunk at debian.org
Wed Jun 17 20:11:20 BST 2026


Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: libtasn1-6 at packages.debian.org, security at debian.org
Control: affects -1 + src:libtasn1-6
User: release.debian.org at packages.debian.org
Usertags: pu

  * CVE-2025-13151: Stack-based buffer overflow in asn1_expand_octet_string()
    (Closes: #1125063)
-------------- next part --------------
diffstat for libtasn1-6-4.20.0 libtasn1-6-4.20.0

 changelog                                                 |    8 ++++
 patches/0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch |   26 ++++++++++++++
 patches/series                                            |    1 
 3 files changed, 35 insertions(+)

diff -Nru libtasn1-6-4.20.0/debian/changelog libtasn1-6-4.20.0/debian/changelog
--- libtasn1-6-4.20.0/debian/changelog	2025-02-14 20:07:38.000000000 +0200
+++ libtasn1-6-4.20.0/debian/changelog	2026-06-17 21:48:52.000000000 +0300
@@ -1,3 +1,11 @@
+libtasn1-6 (4.20.0-2+deb13u1) trixie; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2025-13151: Stack-based buffer overflow in asn1_expand_octet_string()
+    (Closes: #1125063)
+
+ -- Adrian Bunk <bunk at debian.org>  Wed, 17 Jun 2026 21:48:52 +0300
+
 libtasn1-6 (4.20.0-2) unstable; urgency=medium
 
   * Fix autopkgtest by running ./configure.
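Review bot: The new changelog entry names the CVE and the closed bug but not the file that carries the fix. Consider adding the patch name (0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch) and the upstream commit it was taken from, so that the entry can be matched to the change without reading the debdiff.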
diff -Nru libtasn1-6-4.20.0/debian/patches/0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch libtasn1-6-4.20.0/debian/patches/0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch
--- libtasn1-6-4.20.0/debian/patches/0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch	1970-01-01 02:00:00.000000000 +0200
+++ libtasn1-6-4.20.0/debian/patches/0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch	2026-06-17 21:43:57.000000000 +0300
@@ -0,0 +1,26 @@
+From 673ef0883c725c3ab642e71e95bbf1f4fc86c824 Mon Sep 17 00:00:00 2001
+From: Vijay Sarvepalli <vssarvepalli at cert.org>
+Date: Mon, 22 Dec 2025 12:24:27 -0500
+Subject: Fix for CVE-2025-13151 Buffer overflow
+
+Signed-off-by: Simon Josefsson <simon at josefsson.org>
+---
+ lib/decoding.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/decoding.c b/lib/decoding.c
+index 1e0fcb3..abcb49f 100644
+--- a/lib/decoding.c
++++ b/lib/decoding.c
+@@ -1983,7 +1983,7 @@ int
+ asn1_expand_octet_string (asn1_node_const definitions, asn1_node *element,
+ 			  const char *octetName, const char *objectName)
+ {
+-  char name[2 * ASN1_MAX_NAME_SIZE + 1], value[ASN1_MAX_NAME_SIZE];
++  char name[2 * ASN1_MAX_NAME_SIZE + 2], value[ASN1_MAX_NAME_SIZE];
+   int retCode = ASN1_SUCCESS, result;
+   int len, len2, len3;
+   asn1_node_const p2;
+-- 
+2.47.3
+
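Review bot: The one changed line, the declaration of name in asn1_expand_octet_string(), grows from "2 * ASN1_MAX_NAME_SIZE + 1" to "2 * ASN1_MAX_NAME_SIZE + 2" with no comment and no explanation in the patch header, which carries only a subject and a Signed-off-by. The hunk does not show the code that writes into name, so a reader of this patch alone cannot confirm that one extra byte covers the longest string written there. Suggest a short description in the patch header of what is concatenated into name and why the new size is sufficient, a comment on the declaration saying what each extra byte accounts for, and DEP-3 fields (Origin, Bug-Debian) pointing at the upstream commit and #1125063.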
diff -Nru libtasn1-6-4.20.0/debian/patches/series libtasn1-6-4.20.0/debian/patches/series
--- libtasn1-6-4.20.0/debian/patches/series	1970-01-01 02:00:00.000000000 +0200
+++ libtasn1-6-4.20.0/debian/patches/series	2026-06-17 21:48:30.000000000 +0300
@@ -0,0 +1 @@
+0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch

