Fix double free of internal data

backport-gpg-Fix-double-free-of-internal-data.patch

@@ -0,0 +1,32 @@
+From 0666a8858fafefb6664c976eb94b73550a7e3da4 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Thu, 13 Mar 2025 11:35:34 +0100
+Subject: [PATCH] gpg: Fix double free of internal data.
+
+* g10/sig-check.c (check_signature_over_key_or_uid): Do not free in
+no-sig-cache mode if allocated by caller.
+--
+
+GnuPG-bug-id: 7547
+Fixes-commit: 44cdb9d73f1a0b7d2c8483a119b9c4d6caabc1ec
+---
+ g10/sig-check.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/g10/sig-check.c b/g10/sig-check.c
+index 09d5a8b5f..2ee1ff5b2 100644
+--- a/g10/sig-check.c
++++ b/g10/sig-check.c
+@@ -943,7 +943,8 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
+               rc = get_pubkey_for_sig (ctrl, signer, sig, NULL);
+               if (rc)
+                 {
+-                  xfree (signer);
++                  if (signer_alloced != 1)
++                    xfree (signer);
+                   signer = NULL;
+                   signer_alloced = 0;
+                   goto leave;
+-- 
+2.33.0
+

gnupg2.spec

@@ -1,6 +1,6 @@
 Name: gnupg2
 Version: 2.2.32
-Release: 5
+Release: 6
 Summary: Utility for secure communication and data storage
 
 License: GPLv3+
@@ -22,6 +22,7 @@ Patch10: gnupg-2.2.21-coverity.patch
 Patch11: common-Avoid-undefined-behavior-of-left-shift-operat.patch
 Patch12: backport-CVE-2022-34903.patch
 Patch13: backport-common-Protect-against-a-theoretical-integer-overflow.patch
+Patch14: backport-gpg-Fix-double-free-of-internal-data.patch
 
 BuildRequires: gcc
 BuildRequires: zlib-devel, npth-devel, texinfo
@@ -119,6 +120,9 @@ make check
 
 
 %changelog
+* Fri Mar 21 2025 yixiangzhike <yixiangzhike007@163.com> - 2.2.32-6
+- backport upstream patch to fix double free
+
 * Wed Jun 14 2023 yixiangzhike <yixiangzhike007@163.com> - 2.2.32-5
 - backport upstream patch