Hi Daniel, On Thu, Jul 25, 2013 at 11:18:54AM -0400, Daniel Kahn Gillmor wrote: > Package: gnupg > Version: 1.4.12-7.1 > Severity: normal > Tags: security > > http://www.gnupg.org/download/ suggests that 1.4.14 is available from > upstream. debian only has 1.4.12. [...] > > * Mitigate the Yarom/Falkner flush+reload side-channel attack on > RSA secret keys. See <http://eprint.iacr.org/2013/448>.
Only for reference here: Thjis Kinkhorst requested a CVE for this in [1]. [1] http://www.openwall.com/lists/oss-security/2013/07/25/15 Regards, Salvatore -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

