This bug was fixed in the package libgcrypt20 - 1.7.8-1
---------------
libgcrypt20 (1.7.8-1) unstable; urgency=high
* Fix 25_norevisionfromgit.diff to let ./configure generate a version-string
without -beta suffix. LP: #1700157
* New upstream version.
+ Mitigate a flush+reload side-channel attack on RSA secret keys dubbed
"Sliding right into disaster". For details see
<https://eprint.iacr.org/2017/627>. [CVE-2017-7526]
-- Andreas Metzler <[email protected]> Thu, 29 Jun 2017 18:27:03
+0200
** Changed in: libgcrypt20 (Ubuntu)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7526
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1700157
Title:
gcrypt.h reports version of libgcrypt20 as 1.7.2-beta
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libgcrypt20/+bug/1700157/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
