[Bug 890123] New: gpgme 1.5.1 Fixes possible overflow in gpgsm and uiserver engines
https://bugzilla.novell.com/show_bug.cgi?id=890123 https://bugzilla.novell.com/show_bug.cgi?id=890123#c0 Summary: gpgme 1.5.1 Fixes possible overflow in gpgsm and uiserver engines Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: All OS/Version: openSUSE 13.1 Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: Andreas.Stieger@gmx.de QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0 From http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=blob;f=NEWS;h=0ea405ba... Noteworthy changes in version 1.5.1 (2014-07-30) [C24/A13/R0] ------------------------------------------------------------- * Fixed possible overflow in gpgsm and uiserver engines. [CVE-2014-3564] * Added support for GnuPG 2.1's --with-secret option. * Interface changes relative to the 1.5.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GPGME_KEYLIST_MODE_WITH_SECRET NEW. Reproducible: Didn't try -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c
Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c
Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c1
--- Comment #1 from Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c2
Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c3
Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c4
--- Comment #4 from Vitezslav Cizek
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c
Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c5
--- Comment #5 from Andreas Stieger
* Noteworthy changes in version 1.4.4 (2014-07-30) - Fixed possible overflow in gpgsm and uiserver engines. [CVE-2014-3564] - Fixed possibled segv in gpgme_op_card_edit. - Fixed minor memleaks and possible zombie processes. - Fixed prototype inconsistencies and void pointer arithmetic.
They made a maintenance release for gpgme 1.4.x (openSUSE 13.1), propose straight update there. https://build.opensuse.org/request/show/243910 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c6
--- Comment #6 from Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=890123
https://bugzilla.novell.com/show_bug.cgi?id=890123#c
Marcus Meissner
participants (1)
-
bugzilla_noreply@novell.com