Publishing details

Changelog

gnupg (1.4.16-1ubuntu2.6) trusty-security; urgency=medium

  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

 -- Alex Murray <email address hidden>  Mon, 06 Aug 2018 10:40:15 +0930

Available diffs

Builds

Built packages

Package files