oss-sec mailing list archives
Re: CVE Request(s): GnuPG 2/GPG2
From: Joshua Rogers <oss () internot info>
Date: Thu, 01 Jan 2015 07:45:52 +1100
On 30/12/14 06:57, Joshua Rogers wrote:
Hi, I found multiple vulnerabilities in GPG2. Could some CVE-ID(s) be assigned please. Patches were provided by multiple people. -- Double free in scd/command.c: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773471 Double free in sm/minip12.c: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773472 These two seem related in code: Return after free in sm/gpgsm.c: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773473 Return after free in dirmngr/ldapserver.c: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773523 -- Thanks,
Any updates? Thanks, -- -- Joshua Rogers <https://internot.info/>
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- CVE Request(s): GnuPG 2/GPG2 Joshua Rogers (Dec 29)
- Re: CVE Request(s): GnuPG 2/GPG2 Joshua Rogers (Dec 31)