Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: [email protected], [email protected]
Control: affects -1 + src:libtasn1-6
User: [email protected]
Usertags: pu
* CVE-2025-13151: Stack-based buffer overflow in asn1_expand_octet_string()
(Closes: #1125063)
diffstat for libtasn1-6-4.20.0 libtasn1-6-4.20.0
changelog | 8 ++++
patches/0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch | 26 ++++++++++++++
patches/series | 1
3 files changed, 35 insertions(+)
diff -Nru libtasn1-6-4.20.0/debian/changelog libtasn1-6-4.20.0/debian/changelog
--- libtasn1-6-4.20.0/debian/changelog 2025-02-14 20:07:38.000000000 +0200
+++ libtasn1-6-4.20.0/debian/changelog 2026-06-17 21:48:52.000000000 +0300
@@ -1,3 +1,11 @@
+libtasn1-6 (4.20.0-2+deb13u1) trixie; urgency=medium
+
+ * Non-maintainer upload.
+ * CVE-2025-13151: Stack-based buffer overflow in asn1_expand_octet_string()
+ (Closes: #1125063)
+
+ -- Adrian Bunk <[email protected]> Wed, 17 Jun 2026 21:48:52 +0300
+
libtasn1-6 (4.20.0-2) unstable; urgency=medium
* Fix autopkgtest by running ./configure.
diff -Nru
libtasn1-6-4.20.0/debian/patches/0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch
libtasn1-6-4.20.0/debian/patches/0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch
---
libtasn1-6-4.20.0/debian/patches/0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch
1970-01-01 02:00:00.000000000 +0200
+++
libtasn1-6-4.20.0/debian/patches/0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch
2026-06-17 21:43:57.000000000 +0300
@@ -0,0 +1,26 @@
+From 673ef0883c725c3ab642e71e95bbf1f4fc86c824 Mon Sep 17 00:00:00 2001
+From: Vijay Sarvepalli <[email protected]>
+Date: Mon, 22 Dec 2025 12:24:27 -0500
+Subject: Fix for CVE-2025-13151 Buffer overflow
+
+Signed-off-by: Simon Josefsson <[email protected]>
+---
+ lib/decoding.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/decoding.c b/lib/decoding.c
+index 1e0fcb3..abcb49f 100644
+--- a/lib/decoding.c
++++ b/lib/decoding.c
+@@ -1983,7 +1983,7 @@ int
+ asn1_expand_octet_string (asn1_node_const definitions, asn1_node *element,
+ const char *octetName, const char *objectName)
+ {
+- char name[2 * ASN1_MAX_NAME_SIZE + 1], value[ASN1_MAX_NAME_SIZE];
++ char name[2 * ASN1_MAX_NAME_SIZE + 2], value[ASN1_MAX_NAME_SIZE];
+ int retCode = ASN1_SUCCESS, result;
+ int len, len2, len3;
+ asn1_node_const p2;
+--
+2.47.3
+
diff -Nru libtasn1-6-4.20.0/debian/patches/series
libtasn1-6-4.20.0/debian/patches/series
--- libtasn1-6-4.20.0/debian/patches/series 1970-01-01 02:00:00.000000000
+0200
+++ libtasn1-6-4.20.0/debian/patches/series 2026-06-17 21:48:30.000000000
+0300
@@ -0,0 +1 @@
+0001-Fix-for-CVE-2025-13151-Buffer-overflow.patch
