Format: 1.8 Date: Mon, 03 Jul 2017 08:16:37 -0400 Source: libgcrypt20 Binary: libgcrypt20-doc libgcrypt20-dev libgcrypt20 libgcrypt20-udeb libgcrypt11-dev Architecture: i386 Version: 1.6.5-2ubuntu0.3 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libgcrypt11-dev - transitional libgcrypt11-dev package libgcrypt20 - LGPL Crypto library - runtime library libgcrypt20-dev - LGPL Crypto library - development files libgcrypt20-doc - LGPL Crypto library - documentation libgcrypt20-udeb - LGPL Crypto library - runtime library (udeb) Changes: libgcrypt20 (1.6.5-2ubuntu0.3) xenial-security; urgency=medium . * SECURITY UPDATE: full RSA key recovery via side-channel attack - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c. - debian/patches/CVE-2017-7526-2.patch: use same computation for square and multiply in mpi/mpi-pow.c. - debian/patches/CVE-2017-7526-3.patch: add exponent blinding in cipher/rsa.c. - debian/patches/CVE-2017-7526-4.patch: add free to cipher/rsa.c. - debian/patches/CVE-2017-7526-5.patch: add free to cipher/rsa.c. - CVE-2017-7526 * SECURITY UPDATE: EdDSA key recovery via side-channel attack - debian/patches/CVE-2017-9526-1.patch: store EdDSA session key in secure memory in cipher/ecc-eddsa.c. - debian/patches/CVE-2017-9526-2.patch: fix SEGV and stat calculation src/secmem.c. - CVE-2017-9526 Checksums-Sha1: 15e53076ab3b3f5a7e4f1ed83ffcf9fff2efd3ca 414880 libgcrypt20-dbgsym_1.6.5-2ubuntu0.3_i386.ddeb 91d07450ff1953ac4628e3651917c7038c47fa9a 25610 libgcrypt20-dev-dbgsym_1.6.5-2ubuntu0.3_i386.ddeb 7bfdc02926446c9b5c60f50eb16f61984e5751ce 367450 libgcrypt20-dev_1.6.5-2ubuntu0.3_i386.deb 65adf4a8db385946ce76e79277d09c063e189f69 414840 libgcrypt20-udeb-dbgsym_1.6.5-2ubuntu0.3_i386.ddeb e7a25ec6b99edede6b2c999389bad9b37e45f193 291324 libgcrypt20-udeb_1.6.5-2ubuntu0.3_i386.udeb ec9da27cf677be249f2684203a7cfd7cd4a63608 320516 libgcrypt20_1.6.5-2ubuntu0.3_i386.deb Checksums-Sha256: 4b6b34c1459012e337a3689ff6200bc97c9d0f22b4485dd5a0c48d4b15ae8df1 414880 libgcrypt20-dbgsym_1.6.5-2ubuntu0.3_i386.ddeb 88b323d8787dd1c97a86e92cceb2780a6fe497db883b4afbefe059eae169bb53 25610 libgcrypt20-dev-dbgsym_1.6.5-2ubuntu0.3_i386.ddeb dcfa30c5cd421a9317cff05926115103c08f17da46ba21b79d939ed895b04942 367450 libgcrypt20-dev_1.6.5-2ubuntu0.3_i386.deb 60f72438ceee06db6dc1d5da9e275d7a78787df461b499d5a52ebab1927bf0b0 414840 libgcrypt20-udeb-dbgsym_1.6.5-2ubuntu0.3_i386.ddeb ac7aec5686019041918d3a1d95cf4d0bf683b350d6421ce2d07a2c6fbd9f3037 291324 libgcrypt20-udeb_1.6.5-2ubuntu0.3_i386.udeb 1e21e36f39d0b2f7054adb3ee6a0fae62a1da1895862c3beb1d269cbd7833d83 320516 libgcrypt20_1.6.5-2ubuntu0.3_i386.deb Files: 3f68bff2a3297b11071a984d78f1feb3 414880 libs extra libgcrypt20-dbgsym_1.6.5-2ubuntu0.3_i386.ddeb 76061cd715db5f153c0fc03eea89d36a 25610 libdevel extra libgcrypt20-dev-dbgsym_1.6.5-2ubuntu0.3_i386.ddeb d6ccf0fb23b3a29d0f4b5a19597bec5b 367450 libdevel optional libgcrypt20-dev_1.6.5-2ubuntu0.3_i386.deb 92bf9bb2822e1296ca7a0ad194066f88 414840 debian-installer extra libgcrypt20-udeb-dbgsym_1.6.5-2ubuntu0.3_i386.ddeb 3e93e545f6755f3a1b0a45c3bf1e8ffc 291324 debian-installer optional libgcrypt20-udeb_1.6.5-2ubuntu0.3_i386.udeb e94e7c1e4f037340a498b91252787eae 320516 libs standard libgcrypt20_1.6.5-2ubuntu0.3_i386.deb Original-Maintainer: Debian GnuTLS Maintainers