Summary: | <app-crypt/gnupg-1.4.19: Two side-channel attacks (CVE-{2014-3591,2015-0837}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Kristian Fiskerstrand (RETIRED) <k_f> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | crypto+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 541788 | ||
Bug Blocks: |
Description
Kristian Fiskerstrand (RETIRED)
2015-02-27 22:13:50 UTC
Arches, please stabilize: =app-crypt/gnupg-1.4.19 Stable targets: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 Stable for HPPA. arm stable amd64 stable x86 stable ia64 stable ppc stable ppc64 stable sparc stable alpha stable. Maintainer(s), please cleanup. Security, please vote. Arches, Thank you for your work. GLSA Vote: Yes Maintainer(s), please drop the vulnerable version(s). Added to existing GLSA request (eb6e5a471) Maintainer(s), please drop the vulnerable version(s). + 11 May 2015; Kristian Fiskerstrand <k_f@gentoo.org> -gnupg-1.4.18.ebuild: + Remove vulnerable version c.f bug #541568 + This issue was resolved and addressed in GLSA 201606-04 at https://security.gentoo.org/glsa/201606-04 by GLSA coordinator Yury German (BlueKnight) |