components/libtasn1/patches/libtasn1-07-cve-2015-3622.patch
changeset 4723 4193dfeb0e39
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/libtasn1/patches/libtasn1-07-cve-2015-3622.patch	Thu Jul 30 17:45:10 2015 -0700
@@ -0,0 +1,38 @@
+Source:
+Internal
+
+Info:
+https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3622
+The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 
+4.5 allows remote attackers to cause a denial of service (out-of-bounds heap 
+read) via a crafted certificate.
+
+Status:
+Need to determine if this patch has been sent upstream.
+
+--- ORIGINAL/./lib/decoding.c	2015-07-14 19:00:52.376976336 -0700
++++ libtasn1-2.8/./lib/decoding.c	2015-07-14 19:02:03.790570755 -0700
+@@ -758,6 +758,7 @@
+     return ASN1_DER_ERROR;
+ 
+   counter = len3 + 1;
++  DECR_LEN(der_len, len3);
+ 
+   if (len2 == -1)
+     counter_end = der_len - 2;
+@@ -766,6 +767,7 @@
+ 
+   while (counter < counter_end)
+     {
++      DECR_LEN(der_len, 1);
+       len2 = asn1_get_length_der (der + counter, der_len, &len3);
+ 
+       if (len2 < -1)
+@@ -787,7 +789,6 @@
+ 	  DECR_LEN(der_len, len2);
+ 	}
+ 
+-      DECR_LEN(der_len, 1);
+       counter += len2 + len3 + 1;
+     }
+
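Review bot: In the first inner hunk the added `DECR_LEN(der_len, len3);` runs before `counter_end = der_len - 2`, so the loop bound is now derived from the already-reduced length while `counter = len3 + 1` is still an offset from the start of `der`. On that visible branch the loop would stop `len3` bytes earlier than it did before the patch. That appears conservative rather than unsafe, but it should be confirmed as intended by comparing with `_asn1_extract_der_octet` in upstream 4.5, the release the Info text names as fixed; the outcome could then replace the open `Status:` line. A short comment above the `while` saying that `der_len` is a remaining byte count and `counter`/`counter_end` are offsets from `der` would make the mixed units easier to audit. The definition of `DECR_LEN` and the rest of the function lie outside the hunks, so its failure path in this 2.8 tree could not be checked here.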