Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 541564 (CVE-2014-3591)

Summary: <dev-libs/libgcrypt-1.6.3-r4: Two side channel attacks (CVE-{2014-3591,2015-0837})
Product: Gentoo Security Reporter: Kristian Fiskerstrand (RETIRED) <k_f>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: alonbl, bircoph, crypto+disabled, m.debruijne
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html
Whiteboard: A3 [glsa cve]
Package list:
Runtime testing required: ---
Bug Depends on: 538488, 567382, 575672    
Bug Blocks:    

Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-02-27 21:28:16 UTC 
From ${URL}

Noteworthy changes in version 1.6.3 
===================================

 * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
   See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.

 * Fixed data-dependent timing variations in modular exponentiation
   [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
   are Practical].

##

+  27 Feb 2015; Kristian Fiskerstrand <k_f@gentoo.org> +libgcrypt-1.6.3.ebuild:
+  New upstream release, security fix for two side channel attacks:
+  CVE-2014-3591,CVE-2015-0837
Comment 1 Yury German Gentoo Infrastructure gentoo-dev 2015-12-02 21:17:28 UTC 
New GLSA Request filed.

Maintainer(s), please drop the vulnerable version(s).
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2016-02-25 08:34:16 UTC 
Arches and Maintainer(s), Thank you for your work.
Comment 3 Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-02-25 09:25:42 UTC 
Sadly this is not yet fixed in 1.5 branch and there are other outstanding bugs blocking removal.
Comment 4 Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-02-25 09:40:06 UTC 
I see that fix for one of them was backported last week in 1.5 branch after all

   1 Noteworthy changes in version 1.5.5 (2016-02-18) [C19/A8/R4]
   2 ------------------------------------------------
   3 
   4  * Mitigate chosen cipher text attacks on ECDH with Weierstrass
   5    curves.  [CVE-2015-7511]
   6 
   7  * Use ciphertext blinding for Elgamal decryption.  [CVE-2014-3591]

Will look into bumping later
Comment 5 Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-05-22 19:42:32 UTC 
commit af07eccb7f03618e3ca39e525696f01222a8a009
Author: Kristian Fiskerstrand <k_f@gentoo.org>
Date:   Sun May 22 21:41:39 2016 +0200

    dev-libs/libgcrypt: Cleanup of vulnerable 1.5 versions
    
    Gentoo-Bug: 541564
    
    --
    the libgcrypt 1.5 branch is EOL for security fixes YE2016, applications
    should migrate to 1.6 API within this time. Removal of 1.5 branch is
    tracked in bug 567382
    
    Package-Manager: portage-2.3.0_rc1
Comment 6 Yury German Gentoo Infrastructure gentoo-dev 2016-06-05 20:44:56 UTC 
This issue was resolved and addressed in
 GLSA 201606-04 at https://security.gentoo.org/glsa/201606-04
by GLSA coordinator Yury German (BlueKnight)
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2016-10-10 11:06:04 UTC 
This issue was resolved and addressed in
 GLSA 201610-04 at https://security.gentoo.org/glsa/201610-04
by GLSA coordinator Kristian Fiskerstrand (K_F).