oss-sec mailing list archives

CVE Request(s): GnuPG 2/GPG2

From: Joshua Rogers <honey () internot info>
Date: Tue, 30 Dec 2014 06:57:43 +1100

Hi,

I found multiple vulnerabilities in GPG2.
Could some CVE-ID(s) be assigned please.
Patches were provided by multiple people.

--
Double free in scd/command.c:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773471

Double free in sm/minip12.c:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773472


These two seem related in code:
Return after free in sm/gpgsm.c:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773473
Return after free in dirmngr/ldapserver.c:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773523
--

Thanks,
-- 
-- Joshua Rogers <https://internot.info/>

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

CVE Request(s): GnuPG 2/GPG2 Joshua Rogers (Dec 29)
- Re: CVE Request(s): GnuPG 2/GPG2 Joshua Rogers (Dec 31)