-
libgcrypt11 (1.5.0-3ubuntu2.2) raring-security; urgency=low
* SECURITY UPDATE: The path of execution in an exponentiation function may
depend upon secret key data, allowing a local attacker to determine the
contents of the secret key through a side-channel attack.
- debian/patches/CVE-2013-4242.diff: always perform the mpi_mul for
exponents in secure memory. Based on upstream patch.
- CVE-2013-4242
-- Seth Arnold <email address hidden> Tue, 30 Jul 2013 17:29:54 -0700
-
libgcrypt11 (1.5.0-3ubuntu2.1) raring; urgency=low
* Reverts previous upload since it broke graphical login with gnupg-agent
installed (LP: #1076906)
-- Adam Stokes <email address hidden> Fri, 09 Nov 2012 11:09:25 -0500
-
libgcrypt11 (1.5.0-3ubuntu2) raring-proposed; urgency=low
[Howard Chu]
* debian/patches/enable-global-init-secure-memory.patch:
Fix regression during disable/suspend of secure memory
(LP: #1013798)
-- Adam Stokes <email address hidden> Mon, 05 Nov 2012 11:05:59 -0500
-
libgcrypt11 (1.5.0-3ubuntu1) quantal; urgency=low
* Do not call global_init when setting thread callbacks (LP: #423252)
-- Adam Stokes <email address hidden> Tue, 15 May 2012 13:56:17 -0400