libgcrypt 1.8.3 (CVE-2018-0495)
Reported by: Pierre Labastie | Owned by: (none)
New point release. Security fix:
Noteworthy changes in version 1.8.3
===================================

 - Use blinding for ECDSA signing to mitigate a novel side-channel attack. [#4011,CVE-2018-0495]
 - Fix incorrect counter overflow handling for GCM when using an IV size other than 96 bit. [#3764]
 - Fix incorrect output of AES-keywrap mode for in-place encryption on some platforms.
 - Fix the gcry_mpi_ec_curve_point point validation function.
 - Fix rare assertion failure in gcry_prime_check.
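The GCM item above is easy to misread as a corner case. The counter-block rule in NIST SP 800-38D is inc_32: only the low 32 bits of the counter block are incremented, modulo 2^32, and the upper 96 bits never change. With a 96-bit IV the pre-counter block J0 is IV || 0^31 || 1, so the low word starts at 1 and never wraps for any legal message length; with any other IV size J0 is a GHASH output, so its low word can sit anywhere, including right below the wrap point. The following is an added example, not code from the ticket or from libgcrypt: it implements inc_32 next to a naive full-width increment (shown only to illustrate what the rule forbids, not as a description of libgcrypt's actual defect) and reports where the two counter streams diverge. The J0 values are constructed for the demonstration.

```python
# Added example: GCM counter-block increment per NIST SP 800-38D (inc_32),
# compared with a naive 128-bit increment.  Not libgcrypt code; the J0 values
# below are constructed.
import struct

BLOCK = 16  # AES block size in bytes


def inc32(block: bytes) -> bytes:
    """SP 800-38D inc_32: add 1 to the low 32 bits modulo 2**32.
    The upper 96 bits of the counter block are left untouched."""
    if len(block) != BLOCK:
        raise ValueError("counter block must be 16 bytes")
    head = block[:12]
    low = struct.unpack(">I", block[12:])[0]
    return head + struct.pack(">I", (low + 1) & 0xFFFFFFFF)


def inc128_naive(block: bytes) -> bytes:
    """Illustrative wrong variant: treats the whole block as one 128-bit
    integer, so a wrap of the low word carries into the upper 96 bits."""
    value = int.from_bytes(block, "big")
    return ((value + 1) % (1 << 128)).to_bytes(BLOCK, "big")


def j0_for_96bit_iv(iv: bytes) -> bytes:
    """Pre-counter block for a 96-bit IV: IV || 0^31 || 1 (SP 800-38D 7.1).
    The low word starts at 1, so it cannot wrap within a legal message."""
    if len(iv) != 12:
        raise ValueError("expected a 12-byte IV")
    return iv + b"\x00\x00\x00\x01"


def counter_blocks(j0: bytes, n: int, inc) -> list:
    """Counter blocks CB_1 .. CB_n derived from J0 with the given increment."""
    blocks, cb = [], j0
    for _ in range(n):
        cb = inc(cb)
        blocks.append(cb)
    return blocks


def first_divergence(j0: bytes, n: int):
    """Index of the first counter block where inc_32 and the naive increment
    differ, or None if they agree for all n blocks."""
    good = counter_blocks(j0, n, inc32)
    bad = counter_blocks(j0, n, inc128_naive)
    for i, (g, b) in enumerate(zip(good, bad)):
        if g != b:
            return i
    return None


# Constructed J0 standing in for a GHASH-derived pre-counter block (IV size
# other than 96 bits): the low word is 0xFFFFFFFE, so the second increment
# wraps and the two variants part ways on CB_2.
J0_NON96 = bytes.fromhex("0123456789abcdef00112233") + bytes.fromhex("fffffffe")

# Constructed 96-bit IV (all zero): J0 low word starts at 1, no wrap occurs.
J0_96 = j0_for_96bit_iv(bytes(12))

if __name__ == "__main__":
    for label, j0 in (("non-96-bit IV", J0_NON96), ("96-bit IV", J0_96)):
        idx = first_divergence(j0, 8)
        where = "never" if idx is None else f"at CB_{idx + 1}"
        print(f"{label}: inc_32 and naive increment diverge {where}")
        for cb in counter_blocks(j0, 3, inc32):
            print("  inc_32 ->", cb.hex())
```

Running the block prints the first three inc_32 counter blocks for each J0; for the constructed non-96-bit J0 the low word goes ffffffff, 00000000, 00000001 while the upper bytes stay fixed, which is exactly the property a GCM implementation must preserve regardless of IV length.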
Details of the security threat at https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
According to the announcement, although GnuPG uses libgcrypt, it does not use the ECDSA code and is therefore not affected by the side-channel attack.