Control: tags -1 d-i On 2015-03-09 15:22, Andreas Metzler wrote: > Package: release.debian.org > Severity: normal > User: [email protected] > Usertags: unblock > > Hello, > > Please unblock package libgcrypt20. This is bugfix only stable > release, taking care of two side-channel vulnerabilities (CVE-2015-0837 > and CVE-2014-3591): > Noteworthy changes in version 1.6.3 (2015-02-27) [C20/A0/R3] > ------------------------------------------------ > > * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]. > See http://www.cs.tau.ac.il/~tromer/radioexp/ for details. > > * Fixed data-dependent timing variations in modular exponentiation > [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks > are Practical]. > > * Improved asm support for older toolchains. > > Find attached the filtered debdiff (| filterdiff -x '*/build-aux/*' -x > '*/Makefile.in' -x '*/configure' -x '*/gcrypt.info*' -x > '*/aclocal.m4') versus testing. > > thanks, cu Andreas > > unblock libgcrypt20/1.6.3-2 >
It is a bit noiser than I liked (especially without your filterdiff), but ack from RT, CC'ing KiBi for a d-i ack. Thanks, ~Niels -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
