diff -Nru gpgme1.0-1.4.3/debian/changelog gpgme1.0-1.4.3/debian/changelog
--- gpgme1.0-1.4.3/debian/changelog 2014-04-09 15:59:20.000000000 +0000
+++ gpgme1.0-1.4.3/debian/changelog 2014-08-01 12:51:00.000000000 +0000
@@ -1,3 +1,12 @@
+gpgme1.0 (1.4.3-0.1ubuntu5.1) trusty-security; urgency=medium
+
+ * SECURITY UPDATE: denial of service via different line lengths
+ - debian/patches/CVE-2014-3564.patch: correctly calculate size of
+ buffers in src/engine-gpgsm.c, src/engine-uiserver.c.
+ - CVE-2014-3564
+
+ -- Marc Deslauriers Fri, 01 Aug 2014 08:50:59 -0400
+
 gpgme1.0 (1.4.3-0.1ubuntu5) trusty; urgency=medium
 
 * Fix build failure by running the tests without parallelization.
diff -Nru gpgme1.0-1.4.3/debian/patches/CVE-2014-3564.patch gpgme1.0-1.4.3/debian/patches/CVE-2014-3564.patch
--- gpgme1.0-1.4.3/debian/patches/CVE-2014-3564.patch 1970-01-01 00:00:00.000000000 +0000
+++ gpgme1.0-1.4.3/debian/patches/CVE-2014-3564.patch 2014-08-01 12:50:55.000000000 +0000
@@ -0,0 +1,54 @@
+From 2cbd76f7911fc215845e89b50d6af5ff4a83dd77 Mon Sep 17 00:00:00 2001
+From: Werner Koch
+Date: Wed, 30 Jul 2014 11:04:55 +0200
+Subject: [PATCH] Fix possible realloc overflow for gpgsm and uiserver
+ engines.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+* src/engine-gpgsm.c (status_handler):
+* src/engine-uiserver.c (status_handler):
+--
+
+After a realloc (realloc is also used for initial alloc) the allocated
+size if the buffer is not correctly recorded. Thus an overflow can be
+introduced by receiving data with different line lengths in a specific
+order. This is not easy exploitable because libassuan constructs the
+line. However a crash has been reported and thus it might be possible
+to constructs an exploit.
+
+CVE-id: CVE-2014-3564
+Reported-by: Tomáš Trnka
+---
+ NEWS | 3 +++
+ src/engine-gpgsm.c | 2 +-
+ src/engine-uiserver.c | 2 +-
+ 3 files changed, 5 insertions(+), 2 deletions(-)
+
+Index: gpgme1.0-1.4.3/src/engine-gpgsm.c
+===================================================================
+--- gpgme1.0-1.4.3.orig/src/engine-gpgsm.c 2014-08-01 08:47:37.005004048 -0400
++++ gpgme1.0-1.4.3/src/engine-gpgsm.c 2014-08-01 08:47:36.997004048 -0400
+@@ -837,7 +837,7 @@
+ else
+ {
+ *aline = newline;
+- gpgsm->colon.attic.linesize += linelen + 1;
++ gpgsm->colon.attic.linesize = *alinelen + linelen + 1;
+ }
+ }
+ if (!err)
+Index: gpgme1.0-1.4.3/src/engine-uiserver.c
+===================================================================
+--- gpgme1.0-1.4.3.orig/src/engine-uiserver.c 2014-08-01 08:47:37.005004048 -0400
++++ gpgme1.0-1.4.3/src/engine-uiserver.c 2014-08-01 08:47:36.997004048 -0400
+@@ -698,7 +698,7 @@
+ else
+ {
+ *aline = newline;
+- uiserver->colon.attic.linesize += linelen + 1;
++ uiserver->colon.attic.linesize = *alinelen + linelen + 1;
+ }
+ }
+ if (!err)
diff -Nru gpgme1.0-1.4.3/debian/patches/series gpgme1.0-1.4.3/debian/patches/series
--- 
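Review bot: The corrected line `gpgsm->colon.attic.linesize = *alinelen + linelen + 1;` repeats the size expression that is presumably passed to the realloc a few lines above the hunk (outside the visible context), so the recorded size and the real allocation can drift apart again on the next edit; compute it once, e.g. `size_t newsize = *alinelen + linelen + 1;`, pass `newsize` to realloc and assign `gpgsm->colon.attic.linesize = newsize;`. A short comment would also tell the next reader why this is an assignment and not an increment: `/* Record the size actually allocated; += over-counts whenever the old linesize already exceeded *alinelen.  */` — that follows directly from comparing the removed and added lines. The same applies to the engine-uiserver.c hunk later in this patch. The enclosing status_handler bodies start and end outside both hunks, and the field and variable types are not visible here, so whether the sum is narrowed on assignment cannot be checked from this page.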
gpgme1.0-1.4.3/debian/patches/series 2014-04-08 14:07:28.000000000 +0000
+++ gpgme1.0-1.4.3/debian/patches/series 2014-08-01 12:50:55.000000000 +0000
@@ -1 +1,2 @@
 test_engine_ignore_filename.diff
+CVE-2014-3564.patch