[git] GPGME - branch, master, updated. gpgme-1.5.0-8-gbfe18a0

by Werner Koch cvs at cvs.gnupg.org
Wed Jul 30 12:04:30 CEST 2014 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".

The branch, master has been updated
       via  bfe18a0651177025ff0a6b978a641bdd1472a0b1 (commit)
       via  16835c3b5d1cea18512b2c93e884d8ca513a2ee7 (commit)
       via  2cbd76f7911fc215845e89b50d6af5ff4a83dd77 (commit)
      from  68116fa5f67238a60bb8be375cc959262fa021d3 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit bfe18a0651177025ff0a6b978a641bdd1472a0b1
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Jul 30 12:03:47 2014 +0200

    Post release updates.
    
    --

diff --git a/NEWS b/NEWS
index cffc209..0ea405b 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,7 @@
+Noteworthy changes in version 1.5.2 (unreleased) [C__/A__/R_]
+-------------------------------------------------------------
+
+
 Noteworthy changes in version 1.5.1 (2014-07-30) [C24/A13/R0]
 -------------------------------------------------------------
 
diff --git a/configure.ac b/configure.ac
index b3e17fa..efc60c7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -29,7 +29,7 @@ min_automake_version="1.11"
 # for the LT versions.
 m4_define(mym4_version_major, [1])
 m4_define(mym4_version_minor, [5])
-m4_define(mym4_version_micro, [1])
+m4_define(mym4_version_micro, [2])
 
 # Below is m4 magic to extract and compute the revision number, the
 # decimalized short revision number, a beta version string, and a flag

commit 16835c3b5d1cea18512b2c93e884d8ca513a2ee7
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Jul 30 11:47:31 2014 +0200

    Release 1.5.1
    
    * configure.ac: Change LT version to C24/A13/R0.

diff --git a/NEWS b/NEWS
index ff75e9c..cffc209 100644
--- a/NEWS
+++ b/NEWS
@@ -1,10 +1,10 @@
-Noteworthy changes in version 1.5.1 (unreleased) [C__/A__/R_]
+Noteworthy changes in version 1.5.1 (2014-07-30) [C24/A13/R0]
 -------------------------------------------------------------
 
- * Fix possible overflow in gpgsm and uiserver engines.
-   [CVE-2014-35640]
+ * Fixed possible overflow in gpgsm and uiserver engines.
+   [CVE-2014-3564]
 
- * Add support for GnuPG 2.1's --with-secret option.
+ * Added support for GnuPG 2.1's --with-secret option.
 
  * Interface changes relative to the 1.5.0 release:
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/configure.ac b/configure.ac
index 92c9463..b3e17fa 100644
--- a/configure.ac
+++ b/configure.ac
@@ -55,10 +55,10 @@ AC_INIT([gpgme],[mym4_full_version],[http://bugs.gnupg.org])
 #   (Interfaces added:			AGE++)
 #   (Interfaces removed/changed:	AGE=0)
 #
-LIBGPGME_LT_CURRENT=23
+LIBGPGME_LT_CURRENT=24
 # Subtract 2 from this value if you want to make the LFS transition an
 # ABI break.  [Note to self: Remove this comment with the next regular break.]
-LIBGPGME_LT_AGE=12
+LIBGPGME_LT_AGE=13
 LIBGPGME_LT_REVISION=0
 
 # If the API is changed in an incompatible way: increment the next counter.

commit 2cbd76f7911fc215845e89b50d6af5ff4a83dd77
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Jul 30 11:04:55 2014 +0200

    Fix possible realloc overflow for gpgsm and uiserver engines.
    
    * src/engine-gpgsm.c (status_handler):
    * src/engine-uiserver.c (status_handler):
    --
    
    After a realloc (realloc is also used for initial alloc) the allocated
    size if the buffer is not correctly recorded.  Thus an overflow can be
    introduced by receiving data with different line lengths in a specific
    order.  This is not easy exploitable because libassuan constructs the
    line.  However a crash has been reported and thus it might be possible
    to constructs an exploit.
    
    CVE-id: CVE-2014-3564
    Reported-by: Tomáš Trnka

diff --git a/NEWS b/NEWS
index c6a8f52..ff75e9c 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,9 @@
 Noteworthy changes in version 1.5.1 (unreleased) [C__/A__/R_]
 -------------------------------------------------------------
 
+ * Fix possible overflow in gpgsm and uiserver engines.
+   [CVE-2014-35640]
+
  * Add support for GnuPG 2.1's --with-secret option.
 
  * Interface changes relative to the 1.5.0 release:
diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c
index 8ec1598..3a83757 100644
--- a/src/engine-gpgsm.c
+++ b/src/engine-gpgsm.c
@@ -836,7 +836,7 @@ status_handler (void *opaque, int fd)
 	      else
 		{
 		  *aline = newline;
-		  gpgsm->colon.attic.linesize += linelen + 1;
+		  gpgsm->colon.attic.linesize = *alinelen + linelen + 1;
 		}
 	    }
 	  if (!err)
diff --git a/src/engine-uiserver.c b/src/engine-uiserver.c
index 2738c36..a7184b7 100644
--- a/src/engine-uiserver.c
+++ b/src/engine-uiserver.c
@@ -698,7 +698,7 @@ status_handler (void *opaque, int fd)
 	      else
 		{
 		  *aline = newline;
-		  uiserver->colon.attic.linesize += linelen + 1;
+		  uiserver->colon.attic.linesize = *alinelen + linelen + 1;
 		}
 	    }
 	  if (!err)

-----------------------------------------------------------------------

Summary of changes:
 NEWS                  |   11 +++++++++--
 configure.ac          |    6 +++---
 src/engine-gpgsm.c    |    2 +-
 src/engine-uiserver.c |    2 +-
 4 files changed, 14 insertions(+), 7 deletions(-)


hooks/post-receive
-- 
GnuPG Made Easy
http://git.gnupg.org

More information about the Gnupg-commits mailing list