[ubuntu/bionic-updates] libgcrypt20 1.8.1-4ubuntu1.2 (Accepted)

Mon Jan 13 16:28:19 UTC 2020

libgcrypt20 (1.8.1-4ubuntu1.2) bionic-security; urgency=medium

  * SECURITY UPDATE: ECDSA timing attack
    - debian/patches/CVE-2019-13627-1.patch: add mitigation against timing
      attack in cipher/ecc-ecdsa.c, mpi/ec.c.
    - debian/patches/CVE-2019-13627-2.patch: fix use of nonce, use larger
      one in cipher/dsa-common.c, cipher/dsa.c, cipher/ecc-ecdsa.c,
      cipher/ecc-gost.c, cipher/pubkey-internal.h.
    - CVE-2019-13627

Date: 2019-11-28 20:20:22.599544+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/libgcrypt20/1.8.1-4ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.