Opened 8 years ago

Closed 8 years ago

#7444 closed enhancement (fixed)

libgcrypt-1.6.5

Reported by: Fernando de Oliveira Owned by: Fernando de Oliveira
Priority: high Milestone: 7.9
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

Security fix

CVE-2015-7511

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7511

Details:

https://www.cs.tau.ac.il/~tromer/ecdh/

ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.5.tar.bz2

ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.5.tar.bz2.sig

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=blob;f=NEWS;h=492344ac61dcbf4659377e93f078e16ee57125e0;hb=refs/tags/libgcrypt-1.6.5

or "plain"

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=blob_plain;f=NEWS;hb=refs/tags/libgcrypt-1.6.5 

Noteworthy changes in version 1.6.5 (2016-02-09) [C20/A0/R5]
------------------------------------------------

 * Mitigate side-channel attack on ECDH with Weierstrass curves
   [CVE-2015-7511].  See http://www.cs.tau.ac.IL/~tromer/ecdh/ for
   details.

 * Fix build problem on Solaris.

Change History (2)

comment:1 by Fernando de Oliveira, 8 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira
Status: newassigned

comment:2 by Fernando de Oliveira, 8 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r16928.

Note: See TracTickets for help on using tickets.