libgcrypt20 (1.6.4-5ubuntu1) xenial; urgency=medium * SECURITY UPDATE: side-channel attack on ECDH - debian/patches/CVE-2015-7511.patch: perform input validation and fix error paths in cipher/ecc.c, use constant-time multiplication in mpi/ec.c. - CVE-2015-7511
Date: Wed, 10 Feb 2016 10:54:55 -0500 Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> https://launchpad.net/ubuntu/+source/libgcrypt20/1.6.4-5ubuntu1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 10 Feb 2016 10:54:55 -0500 Source: libgcrypt20 Binary: libgcrypt20-doc libgcrypt20-dev libgcrypt20 libgcrypt20-udeb libgcrypt11-dev Architecture: source Version: 1.6.4-5ubuntu1 Distribution: xenial Urgency: medium Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Description: libgcrypt11-dev - transitional libgcrypt11-dev package libgcrypt20 - LGPL Crypto library - runtime library libgcrypt20-dev - LGPL Crypto library - development files libgcrypt20-doc - LGPL Crypto library - documentation libgcrypt20-udeb - LGPL Crypto library - runtime library (udeb) Changes: libgcrypt20 (1.6.4-5ubuntu1) xenial; urgency=medium . * SECURITY UPDATE: side-channel attack on ECDH - debian/patches/CVE-2015-7511.patch: perform input validation and fix error paths in cipher/ecc.c, use constant-time multiplication in mpi/ec.c. - CVE-2015-7511 Checksums-Sha1: 624e9402e6c6014078c83053b43efb8899dc1bd6 2609 libgcrypt20_1.6.4-5ubuntu1.dsc d968e41c08d299243cd97c971680ef376bc73b17 31084 libgcrypt20_1.6.4-5ubuntu1.debian.tar.xz Checksums-Sha256: 5f8a663964368b139a24ae922194273ea95c810e2209efcbc886d0f8375a04aa 2609 libgcrypt20_1.6.4-5ubuntu1.dsc 799223868abb565c7222ddcf3fc2f1e01e0c5816c9d8acd6c764293c47cd6a39 31084 libgcrypt20_1.6.4-5ubuntu1.debian.tar.xz Files: 4896b6a817582b9ce4ce73c3d1f8e93e 2609 libs optional libgcrypt20_1.6.4-5ubuntu1.dsc 4b4826a3256cb38094cbd52050c4c6b7 31084 libs optional libgcrypt20_1.6.4-5ubuntu1.debian.tar.xz Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-ma...@lists.alioth.debian.org> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWu2UaAAoJEGVp2FWnRL6TPAwP/0t5F7mY+BAWUuOw6iEm47DF BhLqFcpiQ9YnnYyt2SBxw95zMhffa2Y8xy8YD1FjAVcPDbjOzGpuuoT8FsubfDKF N3i6/6sJFUa7KmilYhwUtDW3UHIZbgVB2VGTAmkYoQRVDdnCJRl9ohzJEfbbRAdJ 46gWimrqT4p7KVp59rVoz7eipCiUizaa805R2j3SdXQfiHHMlm9ECclYf2HDuaEV W1ycUSLJx9Awnhq6pX6xAJUFbduBtQnL3EQIEkY+rcD7IJ4IKkji6KT1edgfgYK3 4FGKrtVZKoXq7zV8umK7gxOyYHZ9UuviA5i0ruVB7lUwouz1husWS84gVwVcOAei ty491vcomV/bYkaPxz8dZOW1I0ePa/WjEXVlLLUhpJoDalKAuuspwefKa7zSG/pN 8eACbxSNrB70ZQLl4JtDmA76K9MNgSJGLSkEIrbzvo1G095GRw7Zisixq+08Tq59 UQ1aQ5xCsikuMalESKGgDey9oS14yiA/RqkslRxLFtuKGCOjQZw92BgiatJyZrKS ri+qICNE/eErFKu5sRX2YlwPux6BAU6x06O2F9dZq/WFcfAX0wmEmAYLW2Gyu3Kz QQaXeDyXCwTEUa4kVWQizxrlnNH1UFdgJKHYUj20BmcdO03BCMeZvgVUxZlqkBtF +PuuoywbK5+L94HEP7Ma =4U/P -----END PGP SIGNATURE-----
-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes