[ubuntu/xenial-security] libgcrypt20 1.6.5-2ubuntu0.5 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Jun 19 15:11:43 UTC 2018
libgcrypt20 (1.6.5-2ubuntu0.5) xenial-security; urgency=medium
* SECURITY UPDATE: memory-cache side-channel attack on ECDSA signatures
- debian/patches/CVE-2018-0495.patch: add blinding for ECDSA in
cipher/ecc-ecdsa.c.
- CVE-2018-0495
libgcrypt20 (1.6.5-2ubuntu0.4) xenial; urgency=medium
* Disable the library reading /proc/sys/crypto/fips_enabled file
and going into FIPS mode. This fixes a hang on boot when using a
FIPS-enabled kernel with encrypted installations (LP: #1748310)
- debian/patches/disable_fips_enabled_read.patch
Date: 2018-06-18 14:13:13.163913+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libgcrypt20/1.6.5-2ubuntu0.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list