+++ This bug was initially created as a clone of Bug #591534 +++ Cloned for gnupg 1.4 handling From ${URL} (note CVE in announcement is wrong) Hello! The GnuPG Project is pleased to announce the availability of new Libgcrypt and GnuPG versions to *fix a critical security problem*. Felix Dörre and Vladimir Klebanov from the Karlsruhe Institute of Technology found a bug in the mixing functions of Libgcrypt's random number generator: An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. This bug exists since 1998 in all GnuPG and Libgcrypt versions. Impact ====== All Libgcrypt and GnuPG versions released before 2016-08-17 are affected on all platforms. A first analysis on the impact of this bug in GnuPG shows that existing RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely that the private key can be predicted from other public information. This needs more research and I would suggest _not to_ overhasty revoke keys. Solution ======== If you are using a vendor supplied version of GnuPG or Libgcrypt: * Wait for an update from your vendor. If you are using a GnuPG-2 version (2.0.x or 2.1.x): * Update Libgcrypt. We have released these fixed versions of Libgcrypt: 1.7.3, 1.6.6, and 1.5.6. See below for download information. If you are using GnuPG-1 version (1.4.x): * Update as soon as possible to GnuPG 1.4.21. See below for download information.
Arches, please stabilize =app-crypt/gnupg-1.4.21 Stable targets: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 commit ff13a198c84b52c2633dd98e013066ef5797b226 Author: Kristian Fiskerstrand <k_f@gentoo.org> Date: Wed Aug 17 19:52:32 2016 +0200 app-crypt/gnupg: Security bump to 1.4.21 Gentoo-Bug: 591536 Package-Manager: portage-2.3.0
amd64 stable
Stable for HPPA PPC64.
arm stable
Stable on alpha.
x86 stable
sparc stable
ppc stable
ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
Cleanup done long ago
CVE-2016-6313 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6313): PRNG output is predictable
New GLSA created.
This issue was resolved and addressed in GLSA 201612-01 at https://security.gentoo.org/glsa/201612-01 by GLSA coordinator Aaron Bauman (b-man).