~ubuntu-branches/ubuntu/lucid/libgcrypt11/lucid-security

« back to all changes in this revision

Viewing changes to debian/changelog

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2015-03-26 08:55:36 UTC
  • Revision ID: package-import@ubuntu.com-20150326085536-f2ke370d8tj8dga8
Tags: 1.4.4-5ubuntu2.4
* SECURITY UPDATE: sidechannel attack on Elgamal
  - debian/patches/24-CVE-2014-3591.diff: use ciphertext blinding in
    cipher/elgamal.c.
  - CVE-2014-3591
* SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
  - debian/patches/25-CVE-2015-0837.diff: avoid timing variations in
    mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
  - CVE-2015-0837

Show diffs side-by-side

added added

removed removed

Lines of Context:
 
1
libgcrypt11 (1.4.4-5ubuntu2.4) lucid-security; urgency=medium
 
2
 
 
3
  * SECURITY UPDATE: sidechannel attack on Elgamal
 
4
    - debian/patches/24-CVE-2014-3591.diff: use ciphertext blinding in
 
5
      cipher/elgamal.c.
 
6
    - CVE-2014-3591
 
7
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
 
8
    - debian/patches/25-CVE-2015-0837.diff: avoid timing variations in
 
9
      mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
 
10
    - CVE-2015-0837
 
11
 
 
12
 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 26 Mar 2015 08:55:36 -0400
 
13
 
1
14
libgcrypt11 (1.4.4-5ubuntu2.3) lucid-security; urgency=medium
2
15
 
3
16
  * SECURITY UPDATE: side-channel attack on Elgamal encryption subkeys