Download
| Alert*
oval:org.secpod.oval:def:1801607
A mitigation against an ECDSA timing attack was fixed in libgcrypt 1.8.5 oval:org.secpod.oval:def:67965 The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. The following packages have been upgraded to a later upstream version: libgcrypt . Security Fix: * libgcrypt: ECDSA timing attack allowing private key leak For more details about the security issue, ... oval:org.secpod.oval:def:89003233 This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-13627: Mitigated ECDSA timing attack oval:org.secpod.oval:def:504778 The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. The following packages have been upgraded to a later upstream version: libgcrypt . Security Fix: * libgcrypt: ECDSA timing attack allowing private key leak For more details about the security issue, ... oval:org.secpod.oval:def:61531 libgcrypt20: LGPL Crypto library Details: USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding fix for Linux Mint 18.x LTS. Original advisory Libgcrypt could be made to expose sensitive information. oval:org.secpod.oval:def:61530 libgcrypt20: LGPL Crypto library Libgcrypt could be made to expose sensitive information. oval:org.secpod.oval:def:89050777 This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-13627: Mitigated ECDSA timing attack oval:org.secpod.oval:def:89050807 This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-13627: Mitigation against an ECDSA timing attack . Bug fixes: - Added CMAC AES self test . - Added CMAC TDES self test missing . - Fix test dsa-rfc6979 in FIPS mode. oval:org.secpod.oval:def:705330 libgcrypt20: LGPL Crypto library Libgcrypt could be made to expose sensitive information. oval:org.secpod.oval:def:705332 libgcrypt20: LGPL Crypto library Details: USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding fix for Ubuntu 16.04 LTS. Original advisory Libgcrypt could be made to expose sensitive information. oval:org.secpod.oval:def:2105136 It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7. oval:org.secpod.oval:def:1504395 [1.8.5-4] - add PBKDF2 selftest for FIPS POST [1.8.5-3] - new upstream version 1.8.5 - AES performance improvements backported from master branch - FIPS module is implicit with kernel FIPS flag - always run the FIPS selftests if FIPS module is installed oval:org.secpod.oval:def:2500088 The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. |