diff --git a/NEWS b/NEWS
index c6a8f52e..ff75e9c8 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,9 @@
 Noteworthy changes in version 1.5.1 (unreleased) [C__/A__/R_]
 -------------------------------------------------------------
+ * Fix possible overflow in gpgsm and uiserver engines.
+ [CVE-2014-35640]
+
 * Add support for GnuPG 2.1's --with-secret option.
 * Interface changes relative to the 1.5.0 release:
diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c
index 8ec15985..3a837577 100644
--- a/src/engine-gpgsm.c
+++ b/src/engine-gpgsm.c
@@ -836,7 +836,7 @@ status_handler (void *opaque, int fd)
 else
 {
 *aline = newline;
- gpgsm->colon.attic.linesize += linelen + 1;
+ gpgsm->colon.attic.linesize = *alinelen + linelen + 1;
 }
 }
 if (!err)
diff --git a/src/engine-uiserver.c b/src/engine-uiserver.c
index 2738c366..a7184b7a 100644
--- a/src/engine-uiserver.c
+++ b/src/engine-uiserver.c
@@ -698,7 +698,7 @@ status_handler (void *opaque, int fd)
 else
 {
 *aline = newline;
- uiserver->colon.attic.linesize += linelen + 1;
+ uiserver->colon.attic.linesize = *alinelen + linelen + 1;
 }
 }
 if (!err)
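Review bot: The new assignment `gpgsm->colon.attic.linesize = *alinelen + linelen + 1;` in src/engine-gpgsm.c is only correct while it matches the size used for the allocation that produced `newline`. That allocation is outside the hunk, so the size is presumably written out a second time there and the two can drift apart again. Computing it once into a local of the same type as `linesize` and using that local for both would tie the recorded capacity to the real one, and a comment such as `/* linesize is the allocated capacity of *aline, not a running total */` would state the invariant the old `+=` broke. As far as the hunk shows, the sum `*alinelen + linelen + 1` is not checked for wrap-around, which is worth confirming given that the line lengths derive from engine output. The same points apply to the identical change in src/engine-uiserver.c; `status_handler` starts and ends outside both hunks.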