Double-free issue was reported [1] in gnupg2: in scd/command.c 'cert' is freed twice on ksba_cert_new() failure: ... 778 rc = ksba_cert_new (&kc); 779 if (rc) 780 { 781 xfree (cert); 782 goto leave; 783 } ... 803 leave: 804 ksba_cert_release (kc); 805 xfree (cert); Upstream commit that fixes this: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=b0b3803e8c2959dd67ca96debc54b5c6464f0d41 [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773471
Created gnupg2 tracking bugs for this issue: Affects: fedora-all [bug 1178774]
Statement: Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
gnupg2-2.0.27-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
gnupg2-2.0.27-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
gnupg2-2.1.2-2.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.