Your message dated Tue, 17 Feb 2015 22:03:41 +0000 with message-id <[email protected]> and subject line Bug#773471: fixed in gnupg2 2.0.26-5 has caused the Debian Bug report #773471, regarding Fwd: Double free to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 773471: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773471 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: gnupg2 Version: 2.1.1 Severity: normal Hi, In scd/command.c, 'cert' is freed twice. Not sure of lines, so I'll copy and paste the code. > rc = ksba_cert_new (&kc); if (rc) { xfree (cert); goto leave; } > leave: ksba_cert_release (kc); xfree (cert); TEST_CARD_REMOVAL (ctrl, > rc); return rc; Thanks, -- -- Joshua Rogers <https://internot.info/>
--- End Message ---
--- Begin Message ---Source: gnupg2 Source-Version: 2.0.26-5 We believe that the bug you reported is fixed in the latest version of gnupg2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Daniel Kahn Gillmor <[email protected]> (supplier of updated gnupg2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 16 Feb 2015 17:45:06 -0500 Source: gnupg2 Binary: gnupg-agent scdaemon gpgsm gnupg2 gpgv2 Architecture: source Version: 2.0.26-5 Distribution: unstable Urgency: medium Maintainer: Debian GnuPG Maintainers <[email protected]> Changed-By: Daniel Kahn Gillmor <[email protected]> Description: gnupg-agent - GNU privacy guard - password agent gnupg2 - GNU privacy guard - a free PGP replacement (new v2.x) gpgsm - GNU privacy guard - S/MIME version gpgv2 - GNU privacy guard - signature verification tool (new v2.x) scdaemon - GNU privacy guard - smart card support Closes: 773415 773423 773469 773471 773472 778577 Changes: gnupg2 (2.0.26-5) unstable; urgency=medium . * import bug-fixes from upstream (Closes: #773415, #773469, #773471, #773472, #773423) * Fixes CVE-2015-1606 "Use after free, resulting from failure to skip invalid packets", CVE-2015-1607 "memcpy with overlapping ranges, resulting from incorrect bitwise left shifts" (Closes: #778577) Checksums-Sha1: 4fa69a3d72e4f7ac5e8bafb9f799ed9c0f18e3c9 2547 gnupg2_2.0.26-5.dsc b727cc5ce9af93d4184202ee61c9ced2f6d8cced 385299 gnupg2_2.0.26-5.debian.tar.bz2 Checksums-Sha256: 35eedba060463f02b8387c7949a45f8d0d7144e980870048bff11c9389207f5c 2547 gnupg2_2.0.26-5.dsc 970e224a6989717f8e4f9c4c379066a4ae7914ee7d96c627ef53871f698c0e7b 385299 gnupg2_2.0.26-5.debian.tar.bz2 Files: 992e2592fa562675d01721f6f54602a8 2547 utils optional gnupg2_2.0.26-5.dsc 3880595c81897064d6b75a9edd6fc223 385299 utils optional gnupg2_2.0.26-5.debian.tar.bz2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJU47ZQXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFQjk2OTEyODdBN0FEREUzNzU3RDkxMUVB NTI0MDFCMTFCRkRGQTVDAAoJEKUkAbEb/fpcevcQAMYREynNi5+RT2/HjU45LKkt OWIKV4EMUXEB3dVujVlWoiKrn2rqiV50B0BrKgRSoqndeeSdyx+CuS8CFZ0sqFNH 55dAt9Qfo/WsUWCiPcVg7EVinYF/nJG6ZmoFWvnPqNR6zXPCRd3rkWHVXEy4AIoL iXo3z7ZM5VEZxwPHavuBSdOu8bfPB6oIh7AHmNHqCz60qeWCjUqJSq1sMGGzGh+x +XnvhCsNz3cwVwjxG7TZENDvSso4OMQWr5HkccGSxNZNQNBuRTwVzxnEGRN0J87p pyLiaHNBZoHyK0jT4NX4Knlwb6/B9/lS2QyuhJ2pJvWFbBGWQ9FhiVrH5m1pX94M 4VcwTuY685p4E8REV+wVEiOA+MlVnLF8PLvBuYDy55nWZVfg4iU6HUzAojnRTS6c jkcqzWRIYSxSxw1JV/2z8XJZifgnpihy6nHtKptIIMtqxEZuLfpv7wxLqzUmGk3u ZoHYDtigpAH+K8nnV9Mwe6TRS1kugnFWngj1TZxboJNiSMDYsFJITMi9Nv2BzoQr hqvS61UHVb1yBlTcinZVX6sEIjcI45/PKa6Qb4cFg6uObkmOgSVmT+1Yp0eDsvO2 tK76BTx0g9AOC4JAIsuq6M46fbFlWEEMxohl0Pe7hQ5uL+jjx73LPw7GEkDiE1EM l15PDCqWUJTw0nxGxfe7 =oAqf -----END PGP SIGNATURE-----
--- End Message ---
