--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/libtasn1/patches/libtasn1-07-cve-2015-3622.patch Thu Jul 30 17:45:10 2015 -0700
@@ -0,0 +1,38 @@
+Source:
+Internal
+
+Info:
+https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3622
+The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before
+4.5 allows remote attackers to cause a denial of service (out-of-bounds heap
+read) via a crafted certificate.
+
+Status:
+Need to determine if this patch has been sent upstream.
+
+--- ORIGINAL/./lib/decoding.c 2015-07-14 19:00:52.376976336 -0700
++++ libtasn1-2.8/./lib/decoding.c 2015-07-14 19:02:03.790570755 -0700
+@@ -758,6 +758,7 @@
+ return ASN1_DER_ERROR;
+
+ counter = len3 + 1;
++ DECR_LEN(der_len, len3);
+
+ if (len2 == -1)
+ counter_end = der_len - 2;
+@@ -766,6 +767,7 @@
+
+ while (counter < counter_end)
+ {
++ DECR_LEN(der_len, 1);
+ len2 = asn1_get_length_der (der + counter, der_len, &len3);
+
+ if (len2 < -1)
+@@ -787,7 +789,6 @@
+ DECR_LEN(der_len, len2);
+ }
+
+- DECR_LEN(der_len, 1);
+ counter += len2 + len3 + 1;
+ }
+