FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gpgme -- heap-based buffer overflow in gpgsm status handler

Affected packages
gpgme < 1.5.0

Details

VuXML ID 90ca3ba5-19e6-11e4-8616-001b3856973b
Discovery 2014-06-25
Entry 2014-08-02

Tomas Trnka reports:

Gpgme contains a buffer overflow in the gpgsm status handler that could possibly be exploited using a specially crafted certificate.

References

CVE Name CVE-2014-3564
URL https://bugzilla.redhat.com/show_bug.cgi?id=1113267