From 79ab793136048796273f67af9c1afce6b97c083d Mon Sep 17 00:00:00 2001
From: Pawel Winogrodzki <pawelwi@microsoft.com>
Date: Tue, 25 Oct 2022 16:03:36 -0700
Subject: [PATCH] Updating 'libtasn1' to 4.19.0 to fix CVE-2021-46848. (#4088)

---
 SPECS/libtasn1/libtasn1.signatures.json                    | 2 +-
 SPECS/libtasn1/libtasn1.spec                               | 7 +++++--
 cgmanifest.json                                            | 4 ++--
 .../resources/manifests/package/pkggen_core_aarch64.txt    | 2 +-
 toolkit/resources/manifests/package/pkggen_core_x86_64.txt | 2 +-
 toolkit/resources/manifests/package/toolchain_aarch64.txt  | 6 +++---
 toolkit/resources/manifests/package/toolchain_x86_64.txt   | 6 +++---
 7 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/SPECS/libtasn1/libtasn1.signatures.json b/SPECS/libtasn1/libtasn1.signatures.json
index 30ff84496d..f1695244de 100644
--- a/SPECS/libtasn1/libtasn1.signatures.json
+++ b/SPECS/libtasn1/libtasn1.signatures.json
@@ -1,5 +1,5 @@
 {
  "Signatures": {
-  "libtasn1-4.18.0.tar.gz": "4365c154953563d64c67a024b607d1ee75c6db76e0d0f65709ea80a334cd1898"
+  "libtasn1-4.19.0.tar.gz": "1613f0ac1cf484d6ec0ce3b8c06d56263cc7242f1c23b30d82d23de345a63f7a"
  }
 }
\ No newline at end of file
diff --git a/SPECS/libtasn1/libtasn1.spec b/SPECS/libtasn1/libtasn1.spec
index bc41931a0c..02c28a2833 100644
--- a/SPECS/libtasn1/libtasn1.spec
+++ b/SPECS/libtasn1/libtasn1.spec
@@ -1,7 +1,7 @@
 Summary:        ASN.1 library
 Name:           libtasn1
-Version:        4.18.0
-Release:        2%{?dist}
+Version:        4.19.0
+Release:        1%{?dist}
 License:        GPLv3+ AND LGPLv2+
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -57,6 +57,9 @@ make %{?_smp_mflags} check
 %{_mandir}/man3/*
 
 %changelog
+* Tue Oct 25 2022 Pawel Winogrodzki <pawelwi@microsoft.com> - 4.19.0-1
+- Updating to version 4.19.0 to fix CVE-2021-46848.
+
 * Tue Feb 08 2022 Thomas Crain <thcrain@microsoft.com> - 4.18.0-2
 - Remove manual pkgconfig(*) provides in toolchain specs
 
diff --git a/cgmanifest.json b/cgmanifest.json
index f6f079be45..4162e63fba 100644
--- a/cgmanifest.json
+++ b/cgmanifest.json
@@ -10061,8 +10061,8 @@
         "type": "other",
         "other": {
           "name": "libtasn1",
-          "version": "4.18.0",
-          "downloadUrl": "https://ftp.gnu.org/gnu/libtasn1/libtasn1-4.18.0.tar.gz"
+          "version": "4.19.0",
+          "downloadUrl": "https://ftp.gnu.org/gnu/libtasn1/libtasn1-4.19.0.tar.gz"
         }
       }
     },
diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
index b59bd0ad3b..ed4900965a 100644
--- a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
+++ b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
@@ -224,7 +224,7 @@ mariner-repos-shared-2.0-8.cm2.noarch.rpm
 mariner-repos-2.0-8.cm2.noarch.rpm
 libffi-3.4.2-2.cm2.aarch64.rpm
 libffi-devel-3.4.2-2.cm2.aarch64.rpm
-libtasn1-4.18.0-2.cm2.aarch64.rpm
+libtasn1-4.19.0-1.cm2.aarch64.rpm
 p11-kit-0.24.1-1.cm2.aarch64.rpm
 p11-kit-trust-0.24.1-1.cm2.aarch64.rpm
 ca-certificates-shared-2.0.0-8.cm2.noarch.rpm
diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt
index 5bd89df996..bc9d27a7be 100644
--- a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt
+++ b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt
@@ -224,7 +224,7 @@ mariner-repos-shared-2.0-8.cm2.noarch.rpm
 mariner-repos-2.0-8.cm2.noarch.rpm
 libffi-3.4.2-2.cm2.x86_64.rpm
 libffi-devel-3.4.2-2.cm2.x86_64.rpm
-libtasn1-4.18.0-2.cm2.x86_64.rpm
+libtasn1-4.19.0-1.cm2.x86_64.rpm
 p11-kit-0.24.1-1.cm2.x86_64.rpm
 p11-kit-trust-0.24.1-1.cm2.x86_64.rpm
 ca-certificates-shared-2.0.0-8.cm2.noarch.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt
index 370c87cf76..ecb5ad61d3 100644
--- a/toolkit/resources/manifests/package/toolchain_aarch64.txt
+++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt
@@ -199,9 +199,9 @@ libssh2-debuginfo-1.9.0-2.cm2.aarch64.rpm
 libssh2-devel-1.9.0-2.cm2.aarch64.rpm
 libstdc++-11.2.0-2.cm2.aarch64.rpm
 libstdc++-devel-11.2.0-2.cm2.aarch64.rpm
-libtasn1-4.18.0-2.cm2.aarch64.rpm
-libtasn1-debuginfo-4.18.0-2.cm2.aarch64.rpm
-libtasn1-devel-4.18.0-2.cm2.aarch64.rpm
+libtasn1-4.19.0-1.cm2.aarch64.rpm
+libtasn1-debuginfo-4.19.0-1.cm2.aarch64.rpm
+libtasn1-devel-4.19.0-1.cm2.aarch64.rpm
 libtool-2.4.6-8.cm2.aarch64.rpm
 libtool-debuginfo-2.4.6-8.cm2.aarch64.rpm
 libxml2-2.10.0-1.cm2.aarch64.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt
index c3866aa557..d1dc7b56d2 100644
--- a/toolkit/resources/manifests/package/toolchain_x86_64.txt
+++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt
@@ -199,9 +199,9 @@ libssh2-debuginfo-1.9.0-2.cm2.x86_64.rpm
 libssh2-devel-1.9.0-2.cm2.x86_64.rpm
 libstdc++-11.2.0-2.cm2.x86_64.rpm
 libstdc++-devel-11.2.0-2.cm2.x86_64.rpm
-libtasn1-4.18.0-2.cm2.x86_64.rpm
-libtasn1-debuginfo-4.18.0-2.cm2.x86_64.rpm
-libtasn1-devel-4.18.0-2.cm2.x86_64.rpm
+libtasn1-4.19.0-1.cm2.x86_64.rpm
+libtasn1-debuginfo-4.19.0-1.cm2.x86_64.rpm
+libtasn1-devel-4.19.0-1.cm2.x86_64.rpm
 libtool-2.4.6-8.cm2.x86_64.rpm
 libtool-debuginfo-2.4.6-8.cm2.x86_64.rpm
 libxml2-2.10.0-1.cm2.x86_64.rpm