libgcrypt20 (1.6.3-2ubuntu1.1) wily-security; urgency=medium

  * SECURITY UPDATE: side-channel attack on ECDH
    - debian/patches/CVE-2015-7511.patch: perform input validation and fix
      error paths in cipher/ecc.c, use constant-time multiplication in
      mpi/ec.c.
    - CVE-2015-7511

 -- Marc Deslauriers <email address hidden>  Wed, 10 Feb 2016 10:59:23 -0500
libgcrypt20 (1.6.3-2ubuntu1) wily; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/rules: Drop from -O3 to -O2 to work around FTBFS on ppc64el.

libgcrypt20 (1.6.3-2) unstable; urgency=medium

  * Upload to unstable.
  * Fix Vcs-Browser link.

libgcrypt20 (1.6.3-1) experimental; urgency=medium

  * Use ascii-armored debian/upstream/signing-key.asc instead of
    debian/upstream-signing-key.pgp for uscan's verification. This allows us
    to drop debian/source/include-binaries. Add 2071B08A33BD3F06 as accepted
    key.
  * New upstream release.
    + Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
      See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
    + Fixed data-dependent timing variations in modular exponentiation
      [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
      are Practical].

 -- Marc Deslauriers <email address hidden>  Thu, 21 May 2015 08:06:59 -0400
libgcrypt20 (1.6.2-4ubuntu2) vivid; urgency=medium

  * SECURITY UPDATE: side-channel attack on Elgamal
    - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: side-channel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.patch: avoid timing variations in
      mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
    - CVE-2015-0837

 -- Marc Deslauriers <email address hidden>  Thu, 26 Mar 2015 07:17:50 -0400
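The "ciphertext blinding for Elgamal decryption" named in the CVE-2014-3591 entries above, as an added Python illustration of the general technique. This is not libgcrypt's code and does not reproduce the arithmetic in cipher/elgamal.c; the toy prime p, the element g, and every function name are constructed for the demo. The unblinded decryptor is the shape of the vulnerable path (the secret exponentiation runs directly on the attacker-chosen c1, so the physical side channel described at the tromer URL correlates with x); the blinded one multiplies c1 by a random r first, so the exponentiation the attacker can observe runs on a value they do not know, and r^x is used to remove the blinding afterwards.

```python
"""Toy ElGamal decryption with and without ciphertext blinding (constructed example)."""
import secrets

# Constructed toy parameters: 2**127 - 1 is prime; g = 3 is just some element
# of Z_p^*. Real deployments use far larger p, but the blinding step is identical.
P = 2**127 - 1
G = 3


def keygen(rng=secrets.randbelow):
    """Return (x, y): private exponent x in [2, p-2], public key y = g^x mod p."""
    x = 2 + rng(P - 3)
    y = pow(G, x, P)
    return x, y


def encrypt(y, m, k=None):
    """Standard ElGamal: (c1, c2) = (g^k, m * y^k) mod p, for 1 <= m < p."""
    assert 1 <= m < P
    if k is None:
        k = 2 + secrets.randbelow(P - 3)
    c1 = pow(G, k, P)
    c2 = (m * pow(y, k, P)) % P
    return c1, c2


def decrypt_unblinded(x, c1, c2):
    """m = c2 * (c1^x)^-1 mod p.

    The secret exponentiation pow(c1, x, P) runs on attacker-chosen c1, so any
    data-dependent leakage (timing, power, EM) can be correlated with bits of x.
    """
    return (c2 * pow(pow(c1, x, P), -1, P)) % P


def decrypt_blinded(x, c1, c2, r=None):
    """Same result as decrypt_unblinded, but the secret exponentiation never
    sees the attacker's c1 directly.

    Pick random r in [1, p-1] and compute (c1*r)^x and r^x.  Because
    (c1*r)^x = c1^x * r^x, we have m = c2 * r^x * ((c1*r)^x)^-1 mod p.
    The attacker does not know r, so a chosen c1 no longer selects the
    operand whose leakage they measure.
    """
    if r is None:
        r = 1 + secrets.randbelow(P - 1)
    assert 1 <= r < P, "blinding factor must be a unit mod p"
    blinded = (c1 * r) % P
    t1 = pow(r, x, P)          # r^x, base unknown to the attacker
    t2 = pow(blinded, x, P)    # (c1*r)^x, base unknown to the attacker
    return (c2 * t1 * pow(t2, -1, P)) % P


if __name__ == "__main__":
    x, y = keygen()
    c1, c2 = encrypt(y, 42)
    print("unblinded:", decrypt_unblinded(x, c1, c2))
    print("blinded:  ", decrypt_blinded(x, c1, c2))
```

The blinded path costs one extra modular exponentiation (r^x) and one modular inverse, and r must be fresh and unpredictable per decryption; reusing r, or deriving it from c1, would hand the attacker the correlation back. Note that blinding hides which operand is exponentiated, it does not make the exponentiation itself constant-time; that is the separate fix the CVE-2015-0837 entry describes for mpi_powm.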