Change log for libgcrypt20 package in Ubuntu
| 1 → 73 of 73 results | First • Previous • Next • Last |
libgcrypt20 (1.10.3-3) unstable; urgency=medium
* 30_m4-Include-_AM_PATH_GPGRT_CONFIG-definition.patch from upstream GIT
master: Update libgcrypt.m4 to let AM_PATH_LIBGCRYPT continue to work
without preceding AM_PATH_GPG_ERROR() when libgcrypt-config is removed.
-- Andreas Metzler <email address hidden> Tue, 14 May 2024 18:11:46 +0200
Available diffs
| Superseded in oracular-release |
| Published in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
libgcrypt20 (1.10.3-2build1) noble; urgency=high * No change rebuild for 64-bit time_t and frame pointers. -- Julian Andres Klode <email address hidden> Mon, 08 Apr 2024 18:03:56 +0200
Available diffs
- diff from 1.10.3-2 (in Debian) to 1.10.3-2build1 (543 bytes)
libgcrypt20 (1.10.3-2) unstable; urgency=medium * Upload to unstable. -- Andreas Metzler <email address hidden> Fri, 01 Dec 2023 11:47:14 +0100
Available diffs
| Published in jammy-proposed |
libgcrypt20 (1.9.4-3ubuntu3.1) jammy; urgency=medium * sha3: fix sha3 output for inputs > 4 GiB LP: #2044852 - d/p/0007-keccak-Use-size_t-to-avoid-integer-overflow.patch -- Tobias Heider <email address hidden> Mon, 27 Nov 2023 22:12:24 +0100
Available diffs
| Superseded in noble-release |
| Published in mantic-release |
| Deleted in mantic-proposed (Reason: Moved to mantic) |
libgcrypt20 (1.10.2-3ubuntu1) mantic; urgency=medium
* Merge with Debian unstable. Remaining changes:
- d/p/disable_fips_enabled_read.patch
Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode.
libgcrypt is not a FIPS certified library.
* Dropped changes, not needed:
- d/p/12_lessdeps_libgcrypt-config.diff: refresh patch offsets
* For Ubuntu, this fixes an FTBFS by following Debian 1.10.2-3 in
dropping the use of --insert-timestamp (LP: #2036527).
Available diffs
libgcrypt20 (1.10.2-2ubuntu1) mantic; urgency=medium
* Merge with Debian unstable. Remaining changes:
- d/p/disable_fips_enabled_read.patch
Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode.
libgcrypt is not a FIPS certified library.
- d/p/12_lessdeps_libgcrypt-config.diff: refresh patch offsets
-- Adrien Nader <email address hidden> Mon, 10 Jul 2023 15:41:13 +0200
Available diffs
- diff from 1.10.1-3ubuntu1 to 1.10.2-2ubuntu1 (60.2 KiB)
| Superseded in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
libgcrypt20 (1.10.1-3ubuntu1) lunar; urgency=medium * Merge from Debian unstable (LP: #2003529). Remaining changes: - d/p/disable_fips_enabled_read.patch Disable the library reading /proc/sys/crypto/fips_enabled file and going into FIPS mode. libgcrypt is not a FIPS certified library.
Available diffs
| Superseded in lunar-release |
| Obsolete in kinetic-release |
| Deleted in kinetic-proposed (Reason: Moved to kinetic) |
libgcrypt20 (1.10.1-2ubuntu1) kinetic; urgency=low * Merge from Debian unstable. (LP: #1974277) Remaining changes: - d/p/disable_fips_enabled_read.patch Disable the library reading /proc/sys/crypto/fips_enabled file and going into FIPS mode. libgcrypt is not a FIPS certified library. * Removed d/p/0001-Always-include-config.h-in-cipher-assembly-codes.patch since it's already included in the new version. * Removed d/p/0001-poly1305-fix-building-with-arm-linux-gnueabihf-gcc-1.patch since it's already included in the new version. * Refreshed d/p/12_lessdeps_libgcrypt-config.diff and d/p/disable_fips_enabled_read.patch due to offsets.
Available diffs
| Superseded in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
libgcrypt20 (1.9.4-3ubuntu3) jammy; urgency=high * No change rebuild for ppc64el baseline bump. -- Julian Andres Klode <email address hidden> Thu, 24 Mar 2022 13:12:17 +0100
Available diffs
libgcrypt20 (1.9.4-3ubuntu2) jammy; urgency=medium * Cherry-pick upstream patch to fix FTBFS on armhf.
Available diffs
- diff from 1.8.7-5ubuntu2 to 1.9.4-3ubuntu2 (713.0 KiB)
- diff from 1.9.4-3ubuntu1 to 1.9.4-3ubuntu2 (1.5 KiB)
| Superseded in jammy-proposed |
libgcrypt20 (1.9.4-3ubuntu1) jammy; urgency=medium
* Merge from Debian unstable. Remaining changes:
- Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. libgcrypt is not a FIPS certified library.
(LP 1748310)
* Drop CVE and CET patches, applied in Debian or upstreamed.
* Cherry-pick one more patch from master to correctly enable assembly
CET.
Available diffs
- diff from 1.8.7-5ubuntu2 to 1.9.4-3ubuntu1 (711.9 KiB)
| Superseded in jammy-release |
| Obsolete in impish-release |
| Deleted in impish-proposed (Reason: Moved to impish) |
libgcrypt20 (1.8.7-5ubuntu2) impish; urgency=medium
* SECURITY UPDATE: lack of exponent blinding in ElGamal encryption
- debian/patches/CVE-2021-33560.patch: harden ElGamal by introducing
exponent blinding too in cipher/elgamal.c.
- CVE-2021-33560
* SECURITY UPDATE: incorrect support of smaller K
- debian/patches/CVE-2021-40528.patch: fix ElGamal encryption for other
implementations in cipher/elgamal.c.
- CVE-2021-40528
-- Marc Deslauriers <email address hidden> Thu, 16 Sep 2021 07:36:50 -0400
Available diffs
libgcrypt20 (1.8.5-5ubuntu1.1) focal-security; urgency=medium
* SECURITY UPDATE: lack of exponent blinding in ElGamal encryption
- debian/patches/CVE-2021-33560.patch: harden ElGamal by introducing
exponent blinding too in cipher/elgamal.c.
- CVE-2021-33560
* SECURITY UPDATE: incorrect support of smaller K
- debian/patches/CVE-2021-40528.patch: fix ElGamal encryption for other
implementations in cipher/elgamal.c.
- CVE-2021-40528
-- Marc Deslauriers <email address hidden> Tue, 14 Sep 2021 14:36:24 -0400
Available diffs
libgcrypt20 (1.8.7-2ubuntu2.1) hirsute-security; urgency=medium
* SECURITY UPDATE: lack of exponent blinding in ElGamal encryption
- debian/patches/CVE-2021-33560.patch: harden ElGamal by introducing
exponent blinding too in cipher/elgamal.c.
- CVE-2021-33560
* SECURITY UPDATE: incorrect support of smaller K
- debian/patches/CVE-2021-40528.patch: fix ElGamal encryption for other
implementations in cipher/elgamal.c.
- CVE-2021-40528
-- Marc Deslauriers <email address hidden> Tue, 14 Sep 2021 14:30:44 -0400
Available diffs
libgcrypt20 (1.8.1-4ubuntu1.3) bionic-security; urgency=medium
* SECURITY UPDATE: lack of exponent blinding in ElGamal encryption
- debian/patches/CVE-2021-33560.patch: harden ElGamal by introducing
exponent blinding too in cipher/elgamal.c.
- CVE-2021-33560
* SECURITY UPDATE: incorrect support of smaller K
- debian/patches/CVE-2021-40528.patch: fix ElGamal encryption for other
implementations in cipher/elgamal.c.
- CVE-2021-40528
-- Marc Deslauriers <email address hidden> Tue, 14 Sep 2021 14:36:59 -0400
Available diffs
libgcrypt20 (1.8.7-5ubuntu1) impish; urgency=low
* Merge from Debian unstable. Remaining changes:
- Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. libgcrypt is not a FIPS certified library.
(LP 1748310)
- Enable CET.
Available diffs
| Superseded in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: moved to Release) |
libgcrypt20 (1.8.7-2ubuntu2) hirsute; urgency=medium * No-change rebuild to drop the udeb package. -- Matthias Klose <email address hidden> Mon, 22 Feb 2021 10:34:38 +0100
Available diffs
- diff from 1.8.7-2ubuntu1 to 1.8.7-2ubuntu2 (342 bytes)
libgcrypt20 (1.8.7-2ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. libgcrypt is not a FIPS certified library.
(LP 1748310)
- Enable CET.
Available diffs
- diff from 1.8.5-5ubuntu2 to 1.8.7-2ubuntu1 (48.6 KiB)
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
libgcrypt20 (1.8.5-5ubuntu2) groovy; urgency=medium * Enable CET. -- Dimitri John Ledkov <email address hidden> Fri, 26 Jun 2020 14:12:25 +0100
Available diffs
| Superseded in groovy-release |
| Published in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
libgcrypt20 (1.8.5-5ubuntu1) focal; urgency=low
* Merge from Debian unstable. Remaining changes:
- Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. libgcrypt is not a FIPS certified library.
(LP 1748310)
Available diffs
libgcrypt20 (1.6.5-2ubuntu0.6) xenial-security; urgency=medium
* SECURITY UPDATE: ECDSA timing attack
- debian/patches/CVE-2019-13627.patch: add mitigation against timing
attack in cipher/ecc-ecdsa.c, mpi/ec.c.
- CVE-2019-13627
-- Marc Deslauriers <email address hidden> Mon, 13 Jan 2020 13:39:58 -0500
Available diffs
libgcrypt20 (1.8.1-4ubuntu1.2) bionic-security; urgency=medium
* SECURITY UPDATE: ECDSA timing attack
- debian/patches/CVE-2019-13627-1.patch: add mitigation against timing
attack in cipher/ecc-ecdsa.c, mpi/ec.c.
- debian/patches/CVE-2019-13627-2.patch: fix use of nonce, use larger
one in cipher/dsa-common.c, cipher/dsa.c, cipher/ecc-ecdsa.c,
cipher/ecc-gost.c, cipher/pubkey-internal.h.
- CVE-2019-13627
-- Marc Deslauriers <email address hidden> Thu, 28 Nov 2019 13:53:53 -0500
Available diffs
libgcrypt20 (1.8.4-3ubuntu1.1) disco-security; urgency=medium
* SECURITY UPDATE: ECDSA timing attack
- debian/patches/CVE-2019-13627-1.patch: add mitigation against timing
attack in cipher/ecc-ecdsa.c, mpi/ec.c.
- debian/patches/CVE-2019-13627-2.patch: fix use of nonce, use larger
one in cipher/dsa-common.c, cipher/dsa.c, cipher/ecc-ecdsa.c,
cipher/ecc-gost.c, cipher/pubkey-internal.h.
- CVE-2019-13627
-- Marc Deslauriers <email address hidden> Thu, 28 Nov 2019 13:53:23 -0500
Available diffs
libgcrypt20 (1.8.4-5ubuntu2.1) eoan-security; urgency=medium
* SECURITY UPDATE: ECDSA timing attack
- debian/patches/CVE-2019-13627-1.patch: add mitigation against timing
attack in cipher/ecc-ecdsa.c, mpi/ec.c.
- debian/patches/CVE-2019-13627-2.patch: fix use of nonce, use larger
one in cipher/dsa-common.c, cipher/dsa.c, cipher/ecc-ecdsa.c,
cipher/ecc-gost.c, cipher/pubkey-internal.h.
- CVE-2019-13627
-- Marc Deslauriers <email address hidden> Thu, 28 Nov 2019 13:50:59 -0500
Available diffs
libgcrypt20 (1.8.5-3ubuntu1) focal; urgency=low
* Merge from Debian unstable. Remaining changes:
- Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. libgcrypt is not a FIPS certified library.
(LP 1748310)
* Dropped changes, included in Debian:
- Build-depend on texlive-plain-generic instead of obsolete texlive-
generic-recommended.
Available diffs
- diff from 1.8.4-5ubuntu2 to 1.8.5-3ubuntu1 (20.1 KiB)
| Superseded in focal-release |
| Obsolete in eoan-release |
| Deleted in eoan-proposed (Reason: moved to Release) |
libgcrypt20 (1.8.4-5ubuntu2) eoan; urgency=medium
* Build-depend on texlive-plain-generic instead of obsolete texlive-
generic-recommended.
-- Steve Langasek <email address hidden> Tue, 01 Oct 2019 14:13:42 -0700
Available diffs
- diff from 1.8.4-5ubuntu1 to 1.8.4-5ubuntu2 (533 bytes)
libgcrypt20 (1.8.4-5ubuntu1) eoan; urgency=low
* Merge from Debian unstable. Remaining changes:
- Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. libgcrypt is not a FIPS certified library.
(LP 1748310)
* Fix spelling-error-in-patch-description "Decription" -> "Description"
Available diffs
| Superseded in eoan-release |
| Obsolete in disco-release |
| Deleted in disco-proposed (Reason: moved to release) |
libgcrypt20 (1.8.4-3ubuntu1) disco; urgency=low
* Merge from Debian unstable. Remaining changes:
- Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. libgcrypt is not a FIPS certified library.
(LP 1748310)
Available diffs
- diff from 1.8.3-1ubuntu1 to 1.8.4-3ubuntu1 (14.0 KiB)
| Superseded in disco-release |
| Obsolete in cosmic-release |
| Deleted in cosmic-proposed (Reason: moved to release) |
libgcrypt20 (1.8.3-1ubuntu1) cosmic; urgency=low
* Merge from Debian unstable. Remaining changes:
- Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. libgcrypt is not a FIPS certified library.
(LP 1748310)
Available diffs
- diff from 1.8.2-2ubuntu1 to 1.8.3-1ubuntu1 (183.8 KiB)
libgcrypt20 (1.7.8-2ubuntu1.1) artful-security; urgency=medium
* SECURITY UPDATE: memory-cache side-channel attack on ECDSA signatures
- debian/patches/CVE-2018-0495.patch: add blinding for ECDSA in
cipher/ecc-ecdsa.c.
- CVE-2018-0495
-- Marc Deslauriers <email address hidden> Mon, 18 Jun 2018 09:29:48 -0400
Available diffs
libgcrypt20 (1.8.1-4ubuntu1.1) bionic-security; urgency=medium
* SECURITY UPDATE: memory-cache side-channel attack on ECDSA signatures
- debian/patches/CVE-2018-0495.patch: add blinding for ECDSA in
cipher/ecc-ecdsa.c.
- CVE-2018-0495
-- Marc Deslauriers <email address hidden> Mon, 18 Jun 2018 09:28:30 -0400
Available diffs
libgcrypt20 (1.6.5-2ubuntu0.5) xenial-security; urgency=medium
* SECURITY UPDATE: memory-cache side-channel attack on ECDSA signatures
- debian/patches/CVE-2018-0495.patch: add blinding for ECDSA in
cipher/ecc-ecdsa.c.
- CVE-2018-0495
-- Marc Deslauriers <email address hidden> Mon, 18 Jun 2018 09:30:10 -0400
Available diffs
libgcrypt20 (1.8.2-2ubuntu1) cosmic; urgency=low
* Merge from Debian unstable. Remaining changes:
- Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. libgcrypt is not a FIPS certified library.
(LP 1748310)
Available diffs
- diff from 1.8.1-4ubuntu1 to 1.8.2-2ubuntu1 (11.8 KiB)
libgcrypt20 (1.6.5-2ubuntu0.4) xenial; urgency=medium
* Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. This fixes a hang on boot when using a
FIPS-enabled kernel with encrypted installations (LP: #1748310)
- debian/patches/disable_fips_enabled_read.patch
-- Vineetha Pai <email address hidden> Fri, 16 Feb 2018 13:31:19 -0500
Available diffs
| Superseded in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
libgcrypt20 (1.8.1-4ubuntu1) bionic; urgency=medium
* Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. libgcrypt is not a FIPS certified library.
(LP: #1748310)
- debian/patches/disable_fips_enabled_read.patch
-- Vineetha Pai <email address hidden> Fri, 16 Feb 2018 13:45:04 -0500
Available diffs
libgcrypt20 (1.8.1-4) unstable; urgency=low * Upload to unstable. -- Andreas Metzler <email address hidden> Wed, 15 Nov 2017 18:52:21 +0100
Available diffs
- diff from 1.7.9-1 to 1.8.1-4 (204.7 KiB)
- diff from 1.7.9-2 to 1.8.1-4 (201.8 KiB)
libgcrypt20 (1.7.9-2) unstable; urgency=medium
* Sync debian/copyright with upstream's LICENSES file, adding the OCB
license 1. Closes: #879984
* [lintian] Drop trailing whitespace in control and changelog.
* [lintian] Sync priorities with override file (extra -> optional).
* [lintian] Fix typo in copyright file.
-- Andreas Metzler <email address hidden> Sat, 04 Nov 2017 16:37:16 +0100
Available diffs
- diff from 1.7.9-1 to 1.7.9-2 (3.8 KiB)
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
libgcrypt20 (1.7.8-2ubuntu1) artful; urgency=medium
* SECURITY UPDATE: Curve25519 side-channel attack
- debian/patches/CVE-2017-0379.patch: add input validation for X25519
to cipher/ecc.c, mpi/ec.c, src/mpi.h.
- CVE-2017-0379
-- Marc Deslauriers <email address hidden> Thu, 14 Sep 2017 07:14:32 -0400
Available diffs
libgcrypt20 (1.7.6-1ubuntu0.2) zesty-security; urgency=medium
* SECURITY UPDATE: Curve25519 side-channel attack
- debian/patches/CVE-2017-0379.patch: add input validation for X25519
to cipher/ecc.c, mpi/ec.c, src/mpi.h.
- CVE-2017-0379
-- Marc Deslauriers <email address hidden> Thu, 14 Sep 2017 07:12:13 -0400
Available diffs
libgcrypt20 (1.7.9-1) unstable; urgency=high
* New upstream version, mitigates a local side-channel attack on Curve25519
dubbed "May the Fourth be With You". [CVE-2017-0379] Closes: #873383
+ Drop 30_mpi-Fix-mpi_set_secure.patch
-- Andreas Metzler <email address hidden> Sun, 27 Aug 2017 11:56:17 +0200
Available diffs
libgcrypt20 (1.7.8-2) unstable; urgency=medium
* 30_mpi-Fix-mpi_set_secure.patch from upstream LIBGCRYPT-1-7-BRANCH: Fix
memory allocation in mpi_set_secure. Closes: #866964
* Drop override_dh_strip from debian/rules.
-- Andreas Metzler <email address hidden> Thu, 06 Jul 2017 18:16:23 +0200
Available diffs
- diff from 1.7.8-1 to 1.7.8-2 (1.4 KiB)
libgcrypt20 (1.7.2-2ubuntu1.1) yakkety-security; urgency=medium
* SECURITY UPDATE: full RSA key recovery via side-channel attack
- debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
- debian/patches/CVE-2017-7526-2.patch: use same computation for square
and multiply in mpi/mpi-pow.c.
- debian/patches/CVE-2017-7526-3.patch: add exponent blinding in
cipher/rsa.c.
- debian/patches/CVE-2017-7526-4.patch: add free to cipher/rsa.c.
- debian/patches/CVE-2017-7526-5.patch: add free to cipher/rsa.c.
- CVE-2017-7526
* SECURITY UPDATE: EdDSA key recovery via side-channel attack
- debian/patches/CVE-2017-9526-1.patch: store EdDSA session key in
secure memory in cipher/ecc-eddsa.c.
- debian/patches/CVE-2017-9526-2.patch: fix SEGV and stat calculation
src/secmem.c.
- CVE-2017-9526
-- Marc Deslauriers <email address hidden> Mon, 03 Jul 2017 08:15:20 -0400
Available diffs
libgcrypt20 (1.6.5-2ubuntu0.3) xenial-security; urgency=medium
* SECURITY UPDATE: full RSA key recovery via side-channel attack
- debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
- debian/patches/CVE-2017-7526-2.patch: use same computation for square
and multiply in mpi/mpi-pow.c.
- debian/patches/CVE-2017-7526-3.patch: add exponent blinding in
cipher/rsa.c.
- debian/patches/CVE-2017-7526-4.patch: add free to cipher/rsa.c.
- debian/patches/CVE-2017-7526-5.patch: add free to cipher/rsa.c.
- CVE-2017-7526
* SECURITY UPDATE: EdDSA key recovery via side-channel attack
- debian/patches/CVE-2017-9526-1.patch: store EdDSA session key in
secure memory in cipher/ecc-eddsa.c.
- debian/patches/CVE-2017-9526-2.patch: fix SEGV and stat calculation
src/secmem.c.
- CVE-2017-9526
-- Marc Deslauriers <email address hidden> Mon, 03 Jul 2017 08:16:37 -0400
Available diffs
libgcrypt20 (1.7.6-1ubuntu0.1) zesty-security; urgency=medium
* SECURITY UPDATE: full RSA key recovery via side-channel attack
- debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
- debian/patches/CVE-2017-7526-2.patch: use same computation for square
and multiply in mpi/mpi-pow.c.
- debian/patches/CVE-2017-7526-3.patch: add exponent blinding in
cipher/rsa.c.
- debian/patches/CVE-2017-7526-4.patch: add free to cipher/rsa.c.
- debian/patches/CVE-2017-7526-5.patch: add free to cipher/rsa.c.
- CVE-2017-7526
* SECURITY UPDATE: EdDSA key recovery via side-channel attack
- debian/patches/CVE-2017-9526-1.patch: store EdDSA session key in
secure memory in cipher/ecc-eddsa.c.
- debian/patches/CVE-2017-9526-2.patch: fix SEGV and stat calculation
src/secmem.c.
- CVE-2017-9526
-- Marc Deslauriers <email address hidden> Mon, 03 Jul 2017 08:00:00 -0400
Available diffs
libgcrypt20 (1.7.8-1) unstable; urgency=high
* Fix 25_norevisionfromgit.diff to let ./configure generate a version-string
without -beta suffix. LP: #1700157
* New upstream version.
+ Mitigate a flush+reload side-channel attack on RSA secret keys dubbed
"Sliding right into disaster". For details see
<https://eprint.iacr.org/2017/627>. [CVE-2017-7526]
-- Andreas Metzler <email address hidden> Thu, 29 Jun 2017 18:27:03 +0200
Available diffs
- diff from 1.7.7-2 to 1.7.8-1 (113.4 KiB)
libgcrypt20 (1.7.7-2) unstable; urgency=low * Upload to unstable. -- Andreas Metzler <email address hidden> Sun, 18 Jun 2017 11:28:58 +0200
Available diffs
- diff from 1.7.6-2 to 1.7.7-2 (117.9 KiB)
libgcrypt20 (1.7.6-2) unstable; urgency=high
* Refresh debian/upstream/signing-key.asc, key-expiry-dates bumped.
* Pull two fixes from gcrypt 1.7.7 bugfix release:
+ 30_gcry177_01-ecc-Store-EdDSA-session-key-in-secure-memory.patch
Fix possible timing attack on EdDSA session key.
+ 30_gcry177_02-secmem-Fix-SEGV-and-stat-calculation.patch
Fix long standing bug in secure memory implementation which could lead
to a segv on free.
-- Andreas Metzler <email address hidden> Sat, 03 Jun 2017 10:58:36 +0200
Available diffs
- diff from 1.7.6-1 to 1.7.6-2 (10.8 KiB)
| Superseded in artful-release |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
libgcrypt20 (1.7.6-1) unstable; urgency=medium
* New upstream version, includes
30_rijndael-ssse3-fix-counter-operand-from-read-only-to.patch.
-- Andreas Metzler <email address hidden> Thu, 26 Jan 2017 11:58:32 +0100
Available diffs
- diff from 1.7.5-3 to 1.7.6-1 (85.6 KiB)
libgcrypt20 (1.7.5-3) unstable; urgency=medium
* 30_rijndael-ssse3-fix-counter-operand-from-read-only-to.patch from
upstream GIT master: Fix SSE3 assembly on Nehalem.
-- Andreas Metzler <email address hidden> Sat, 14 Jan 2017 11:06:04 +0100
Available diffs
- diff from 1.7.5-2 to 1.7.5-3 (1.2 KiB)
libgcrypt20 (1.7.5-2) unstable; urgency=medium * Upload to unstable. -- Andreas Metzler <email address hidden> Sat, 17 Dec 2016 08:38:47 +0100
Available diffs
- diff from 1.7.3-2 to 1.7.5-2 (56.0 KiB)
libgcrypt20 (1.7.3-2) unstable; urgency=medium [ Helmut Grohne / Andreas Metzler ] * Turn libgcrypt11-dev into an Arch:any package. Closes: #840205 -- Andreas Metzler <email address hidden> Sun, 09 Oct 2016 18:00:59 +0200
Available diffs
libgcrypt20 (1.6.5-2ubuntu0.2) xenial-security; urgency=medium
* SECURITY UPDATE: random number generator prediction
- debian/patches/CVE-2016-6313-1.patch: improve the diagram showing the
random mixing in random/random-csprng.c.
- debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
csprng pool in random/random-csprng.c.
- CVE-2016-6313
* debian/rules: disable unaligned memory access on arm to fix FTBFS.
-- Marc Deslauriers <email address hidden> Thu, 18 Aug 2016 13:15:16 -0400
Available diffs
- diff from 1.6.5-2ubuntu0.1 to 1.6.5-2ubuntu0.2 (757 bytes)
| Superseded in zesty-release |
| Obsolete in yakkety-release |
| Deleted in yakkety-proposed (Reason: moved to release) |
libgcrypt20 (1.7.2-2ubuntu1) yakkety; urgency=medium
* SECURITY UPDATE: random number generator prediction
- debian/patches/CVE-2016-6313-1.patch: improve the diagram showing the
random mixing in random/random-csprng.c.
- debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
csprng pool in random/random-csprng.c.
- CVE-2016-6313
-- Marc Deslauriers <email address hidden> Wed, 17 Aug 2016 13:42:24 -0400
Available diffs
libgcrypt20 (1.7.2-2) unstable; urgency=low * Upload to unstable. -- Andreas Metzler <email address hidden> Sun, 17 Jul 2016 15:32:09 +0200
Available diffs
- diff from 1.7.1-2 to 1.7.2-2 (19.1 KiB)
libgcrypt20 (1.7.1-2) unstable; urgency=medium * Upload to unstable. -- Andreas Metzler <email address hidden> Sat, 18 Jun 2016 07:24:03 +0200
Available diffs
- diff from 1.7.0-2 to 1.7.1-2 (16.3 KiB)
libgcrypt20 (1.7.0-2) unstable; urgency=low * Upload to unstable. -- Andreas Metzler <email address hidden> Sun, 17 Apr 2016 13:16:30 +0200
Available diffs
- diff from 1.6.5-2 to 1.7.0-2 (828.3 KiB)
| Superseded in xenial-proposed |
libgcrypt20 (1.6.4-5ubuntu1) xenial; urgency=medium
* SECURITY UPDATE: side-channel attack on ECDH
- debian/patches/CVE-2015-7511.patch: perform input validation and fix
error paths in cipher/ecc.c, use constant-time multiplication in
mpi/ec.c.
- CVE-2015-7511
-- Marc Deslauriers <email address hidden> Wed, 10 Feb 2016 10:54:55 -0500
Available diffs
libgcrypt20 (1.6.3-2ubuntu1.1) wily-security; urgency=medium
* SECURITY UPDATE: side-channel attack on ECDH
- debian/patches/CVE-2015-7511.patch: perform input validation and fix
error paths in cipher/ecc.c, use constant-time multiplication in
mpi/ec.c.
- CVE-2015-7511
-- Marc Deslauriers <email address hidden> Wed, 10 Feb 2016 10:59:23 -0500
Available diffs
| Superseded in yakkety-release |
| Published in xenial-release |
| Deleted in xenial-proposed (Reason: moved to release) |
libgcrypt20 (1.6.5-2) unstable; urgency=medium * serial-tests was added in automake 1.12, add versioned b-d. * Upload to unstable. -- Andreas Metzler <email address hidden> Wed, 10 Feb 2016 12:01:58 +0100
Available diffs
- diff from 1.6.4-5 to 1.6.5-2 (9.2 KiB)
- diff from 1.6.4-5ubuntu1 (in Ubuntu) to 1.6.5-2 (10.6 KiB)
libgcrypt20 (1.6.4-5) unstable; urgency=medium
* Move Vcs-* from git/http to https.
* Add 30_support_source_date_epoch.diff: Support setting BUILD_TIMESTAMP
using SOURCE_DATE_EPOCH through the SOURCE_DATE_EPOCH environment
variable. (Thanks, Jérémy Bobbio!). Use/b-d on dh-autoreconf instead of
autotools-dev. Closes: #812428
-- Andreas Metzler <email address hidden> Sun, 24 Jan 2016 16:00:41 +0100
Available diffs
- diff from 1.6.4-4 to 1.6.4-5 (1.4 KiB)
libgcrypt20 (1.6.4-4) unstable; urgency=medium
* Delete build-aux/texinfo.tex and let texinfo use the system copy instead
to prevent breakage in pdf generation in UTF-8 locale. Closes: #803081
* Migrate from libgcrypt20-dbg to ddebs. dh_strip's --ddeb-migration
option was added to debhelper/unstable with version 9.20150628, bump
build-dependency accordingly.
-- Andreas Metzler <email address hidden> Fri, 25 Dec 2015 14:06:18 +0100
Available diffs
- diff from 1.6.4-3 to 1.6.4-4 (1.4 KiB)
libgcrypt20 (1.6.4-3) unstable; urgency=medium * Upload to unstable. * Ship pdf instead of postscript docs. -- Andreas Metzler <email address hidden> Sun, 18 Oct 2015 13:37:58 +0200
Available diffs
| Superseded in xenial-release |
| Obsolete in wily-release |
| Deleted in wily-proposed (Reason: moved to release) |
libgcrypt20 (1.6.3-2ubuntu1) wily; urgency=medium
* Merge from Debian unstable, remaining changes:
- debian/rules: Drop from -O3 to -O2 to work around FTBFS on ppc64el.
Available diffs
- diff from 1.6.2-4ubuntu2 to 1.6.3-2ubuntu1 (246.2 KiB)
| Superseded in wily-release |
| Obsolete in vivid-release |
| Deleted in vivid-proposed (Reason: moved to release) |
libgcrypt20 (1.6.2-4ubuntu2) vivid; urgency=medium
* SECURITY UPDATE: sidechannel attack on Elgamal
- debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
cipher/elgamal.c.
- CVE-2014-3591
* SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
- debian/patches/CVE-2015-0837.patch: avoid timing variations in
mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
- CVE-2015-0837
-- Marc Deslauriers <email address hidden> Thu, 26 Mar 2015 07:17:50 -0400
Available diffs
libgcrypt20 (1.6.1-2ubuntu1.14.10.1) utopic-security; urgency=medium
* SECURITY UPDATE: sidechannel attack on Elgamal
- debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
cipher/elgamal.c.
- CVE-2014-3591
* SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
- debian/patches/CVE-2015-0837.patch: avoid timing variations in
mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
- CVE-2015-0837
-- Marc Deslauriers <email address hidden> Thu, 26 Mar 2015 07:24:13 -0400
Available diffs
libgcrypt20 (1.6.1-2ubuntu1.14.04.1) trusty-security; urgency=medium
* SECURITY UPDATE: sidechannel attack on Elgamal
- debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
cipher/elgamal.c.
- CVE-2014-3591
* SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
- debian/patches/CVE-2015-0837.patch: avoid timing variations in
mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
- CVE-2015-0837
-- Marc Deslauriers <email address hidden> Thu, 26 Mar 2015 07:25:12 -0400
Available diffs
libgcrypt20 (1.6.2-4ubuntu1) vivid; urgency=medium
* Merge from Debian unstable, remaining changes:
- debian/rules: Drop from -O3 to -O2 to work around FTBFS on ppc64el.
Available diffs
- diff from 1.6.1-2ubuntu1 to 1.6.2-4ubuntu1 (21.0 KiB)
| Superseded in vivid-release |
| Obsolete in utopic-release |
| Superseded in utopic-release |
| Published in trusty-release |
| Deleted in trusty-proposed (Reason: moved to release) |
libgcrypt20 (1.6.1-2ubuntu1) trusty; urgency=medium * debian/rules: Drop from -O3 to -O2 to work around FTBFS on ppc64el. -- Adam Conrad <email address hidden> Thu, 20 Mar 2014 19:32:09 -0600
Available diffs
- diff from 1.6.1-2 (in Debian) to 1.6.1-2ubuntu1 (844 bytes)
libgcrypt20 (1.6.1-2) unstable; urgency=medium
* libgcrypt20-dev does not provide libgcrypt-dev anymore and conflicts with
libgcrypt11-dev in addition to the virtual package libgcrypt-dev.
The previous setup of having libgcryptXX-dev provide/conflict
libgcrypt-dev breaks for packages build-depending on the virtual package.
Closes: #741959
-- Andreas Metzler <email address hidden> Mon, 17 Mar 2014 19:14:23 +0100
Available diffs
- diff from 1.6.1-1 to 1.6.1-2 (593 bytes)
| Deleted in trusty-release (Reason: We don't want this transition in trusty) |
| Deleted in trusty-proposed (Reason: moved to release) |
libgcrypt20 (1.6.1-1) unstable; urgency=medium
* New upstream version.
+ New member in gcry_md_flags, bump dependency version of gcry_md_open().
+ GCRYCTL_INACTIVATE_FIPS_FLAG/GCRYCTL_REACTIVATE_FIPS_FLAG reserved but
returning a GPG_ERR_NOT_IMPLEMENTED yet. Bump dependency version of
gcry_control().
* Fix c'n'p error in Vcs-Git field. Closes: #737022
-- Andreas Metzler <email address hidden> Wed, 29 Jan 2014 16:21:56 +0100
Available diffs
- diff from 1.6.0-2ubuntu2 (in Ubuntu) to 1.6.1-1 (486.2 KiB)
libgcrypt20 (1.6.0-2ubuntu2) trusty; urgency=medium
* Add blowfish-arm.S and serpent-armv7-neon.S, not included in the
upstream release.
-- Matthias Klose <email address hidden> Wed, 29 Jan 2014 12:25:17 +0000
Available diffs
| Superseded in trusty-proposed |
libgcrypt20 (1.6.0-2ubuntu1) trusty; urgency=medium * Don't try to build blowfish-arm, not included in the sources. -- Matthias Klose <email address hidden> Wed, 29 Jan 2014 12:25:17 +0000
Available diffs
- diff from 1.6.0-2 (in Debian) to 1.6.0-2ubuntu1 (633 bytes)
libgcrypt20 (1.6.0-2) unstable; urgency=low * Upload to unstable. * Add description to 12_lessdeps_libgcrypt-config.diff. -- Andreas Metzler <email address hidden> Sat, 04 Jan 2014 13:15:57 +0100
| 1 → 73 of 73 results | First • Previous • Next • Last |
