#9685: libgcrypt-1.8.1
-------------------------+------------------------------
Reporter: bdubbs@… | Owner: pierre.labastie
Type: enhancement | Status: assigned
Priority: normal | Milestone: 8.2
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Keywords: |
-------------------------+------------------------------
Comment (by pierre.labastie):
{{{
Noteworthy changes in version 1.8.1 (2017-08-27)
================================================
- Mitigate a local side-channel attack on Curve25519 dubbed "May
the Fourth be With You". [CVE-2017-0379]
- Add more extra bytes to the pool after reading a seed file.
- Add the OID SHA384WithECDSA from RFC-7427 to SHA-384.
- Fix build problems with the Jitter RNG
- Fix assembler code build problems on Rasbian (ARMv8/AArch32-CE).
}}}
For the mathematically incluned, here is the vulnerability:
https://eprint.iacr.org/2017/806.pdf
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/9685#comment:2>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page