-
Committer:
Package Import Robot
-
Author(s):
Andreas Metzler
-
Date:
2013-07-27 13:42:31 UTC
-
Revision ID:
package-import@ubuntu.com-20130727134231-xfbqpxp8srj62trm
Tags: 1.4.5-2+squeeze1
* Pull and unfuzzz code changes from 1.5.3 security fix release from
upstream GIT:
+ [35_bug-in-mpi_powm-for-e-0.patch] mpi/mpi-pow.c (gcry_mpi_powm) - For
a zero exponent, make sure that the result has been allocated.
+ [36_Mitigate-flush-reload-cache-attack-on-RSA.patch] Mitigate a
flush+reload cache attack on RSA secret exponents.
<http://eprint.iacr.org/2013/448>
This fixes CVE-2013-4242.