[ubuntu/disco-security] libgcrypt20 1.8.4-3ubuntu1.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Jan 13 15:32:42 UTC 2020
libgcrypt20 (1.8.4-3ubuntu1.1) disco-security; urgency=medium
* SECURITY UPDATE: ECDSA timing attack
- debian/patches/CVE-2019-13627-1.patch: add mitigation against timing
attack in cipher/ecc-ecdsa.c, mpi/ec.c.
- debian/patches/CVE-2019-13627-2.patch: fix use of nonce, use larger
one in cipher/dsa-common.c, cipher/dsa.c, cipher/ecc-ecdsa.c,
cipher/ecc-gost.c, cipher/pubkey-internal.h.
- CVE-2019-13627
Date: 2019-11-28 19:55:14.156357+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libgcrypt20/1.8.4-3ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Disco-changes
mailing list