Summary: | <dev-libs/libgcrypt-1.7.8: flush+reload side-channel attack on RSA secret keys: "Sliding right into disaster". | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Kristian Fiskerstrand (RETIRED) <k_f> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | bertrand, crypto+disabled, k_f |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000408.html | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
dev-libs/libgcrypt-1.7.8
|
Runtime testing required: | --- |
Bug Depends on: | 629160 | ||
Bug Blocks: | 621218 |
Description
Kristian Fiskerstrand (RETIRED)
![]() commit 314d755d0e145799cf1771744df9f08932432b6d (HEAD -> master) Author: Kristian Fiskerstrand <k_f@gentoo.org> Date: Thu Jun 29 09:55:32 2017 +0200 dev-libs/libgcrypt: New upstream version 1.7.8 Package-Manager: Portage-2.3.6, Repoman-2.3.1 An automated check of this bug failed - the following atom is unknown: dev-libs/libgcrypt-1.7.8 Please verify the atom list. amd64 stable ia64 stable x86 stable arm stable sparc stable ppc stable ppc64 stable Changing designation to B3 as this requires specific configuration to be an attack vector, and impractical in nature. GLSA Vote: No Stable on alpha. ping for hppa |