-
libgcrypt11 (1.5.0-3ubuntu1.1) quantal-security; urgency=low
* SECURITY UPDATE: The path of execution in an exponentiation function may
depend upon secret key data, allowing a local attacker to determine the
contents of the secret key through a side-channel attack.
- debian/patches/CVE-2013-4242.diff: always perform the mpi_mul for
exponents in secure memory. Based on upstream patch.
- CVE-2013-4242
-- Seth Arnold <email address hidden> Tue, 30 Jul 2013 17:30:57 -0700
-
libgcrypt11 (1.5.0-3ubuntu1) quantal; urgency=low
* Do not call global_init when setting thread callbacks (LP: #423252)
-- Adam Stokes <email address hidden> Tue, 15 May 2012 13:56:17 -0400
-
libgcrypt11 (1.5.0-3) unstable; urgency=low
* Upload to unstable.
* Drop 20_workaroundarmgcc.diff (1.4.6/unstable). It seems to be unnecessary
with 1.5.0.
* libgcrypt11 Breaks gnupg2|gpgsm (<< 2.0.17-2ubuntu2) and libgnutls26 (<<
2.12.7-3). See https://bugs.launchpad.net/bugs/815190 and
https://lists.gnu.org/archive/html/gnutls-devel/2011-07/msg00001.html
libgcrypt11 (1.5.0-2) experimental; urgency=low
* Add a symbols file (Based on binary shipped in squeeze.) Closes: #550077
-- Ubuntu Archive Auto-Sync <email address hidden> Mon, 17 Oct 2011 11:05:38 +0000
