k_f 14/07/31 13:39:02
Added:gpgme-1.3.2-CVE-2014-3564.patch
Log:
Revbump with backported patch for security bug #518646 (CVE-2014-3564)
(Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key
0xFC3B17DE05E136A0!)
Revision ChangesPath
1.1 app-crypt/gpgme/files/gpgme-1.3.2-CVE-2014-3564.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/gpgme/files/gpgme-1.3.2-CVE-2014-3564.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/gpgme/files/gpgme-1.3.2-CVE-2014-3564.patch?rev=1.1&content-type=text/plain
Index: gpgme-1.3.2-CVE-2014-3564.patch
===
diff -r 71644dea35c8 src/engine-gpgsm.c
--- a/src/engine-gpgsm.cThu Jul 31 14:06:58 2014 +0200
+++ b/src/engine-gpgsm.cThu Jul 31 14:10:25 2014 +0200
@@ -834,7 +834,7 @@
else
{
*aline = newline;
- gpgsm->colon.attic.linesize += linelen + 1;
+ gpgsm->colon.attic.linesize = *alinelen + linelen + 1;
}
}
if (!err)
diff -r 71644dea35c8 src/engine-uiserver.c
--- a/src/engine-uiserver.c Thu Jul 31 14:06:58 2014 +0200
+++ b/src/engine-uiserver.c Thu Jul 31 14:10:25 2014 +0200
@@ -699,7 +699,7 @@
else
{
*aline = newline;
- uiserver->colon.attic.linesize += linelen + 1;
+ uiserver->colon.attic.linesize = *alinelen + linelen + 1;
}
}
if (!err)