Source: gpgme1.0 Version: 1.5.0-0.1 Severity: grave Tags: security upstream fixed-upstream patch
Hi, the following vulnerability was published for gpgme1.0. (filling with severity grave, but not sure if this can only be used for DoS). CVE-2014-3564[0]: heap-based buffer overflow in gpgsm status handler If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2014-3564 [1] https://bugzilla.redhat.com/show_bug.cgi?id=1113267 [2] http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f7911fc215845e89b50d6af5ff4a83dd77 Please adjust the affected versions in the BTS as needed. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
