[ubuntu/vivid-proposed] libgcrypt11 1.5.4-2ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Mar 26 21:44:57 UTC 2015 

libgcrypt11 (1.5.4-2ubuntu2) vivid; urgency=medium

  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.patch: avoid timing variations in
      mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
    - CVE-2015-0837

Date: Thu, 26 Mar 2015 08:16:10 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libgcrypt11/1.5.4-2ubuntu2
-------------- next part --------------
Format: 1.8
Date: Thu, 26 Mar 2015 08:16:10 -0400
Source: libgcrypt11
Binary: libgcrypt11-doc libgcrypt11-dev libgcrypt11-dbg libgcrypt11 libgcrypt11-udeb
Architecture: source
Version: 1.5.4-2ubuntu2
Distribution: vivid
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 libgcrypt11 - LGPL Crypto library - runtime library
 libgcrypt11-dbg - LGPL Crypto library - debugger files
 libgcrypt11-dev - LGPL Crypto library - development files
 libgcrypt11-doc - LGPL Crypto library - documentation
 libgcrypt11-udeb - LGPL Crypto library - runtime library (udeb)
Changes:
 libgcrypt11 (1.5.4-2ubuntu2) vivid; urgency=medium
 .
   * SECURITY UPDATE: sidechannel attack on Elgamal
     - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
       cipher/elgamal.c.
     - CVE-2014-3591
   * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
     - debian/patches/CVE-2015-0837.patch: avoid timing variations in
       mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
     - CVE-2015-0837
Checksums-Sha1:
 8f82cd95015dd95c9ba11161f88baf3c358f4191 2574 libgcrypt11_1.5.4-2ubuntu2.dsc
 a80c6c03ce81831e83fe83b775d2a6f8efdb06f0 24980 libgcrypt11_1.5.4-2ubuntu2.debian.tar.xz
Checksums-Sha256:
 615e73247e2bc5b2f145c5d6ebe590aacaba11d43ac1d2498d1ae8fd98fdce6e 2574 libgcrypt11_1.5.4-2ubuntu2.dsc
 2b8d7090bc6061863a5743234eddfb27e54cbce6becfcd6f18a4b60b0d55c0e0 24980 libgcrypt11_1.5.4-2ubuntu2.debian.tar.xz
Files:
 da37a2c72e237f755c1871646e0128be 2574 libs optional libgcrypt11_1.5.4-2ubuntu2.dsc
 ad238d23622164c4d6170e4dc59ef0b5 24980 libs optional libgcrypt11_1.5.4-2ubuntu2.debian.tar.xz
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>

More information about the Vivid-changes mailing list