Описание
ELSA-2013-1457: libgcrypt security update (MODERATE)
[1.4.5-11]
- fix CVE-2013-4242 GnuPG/libgcrypt susceptible to cache side-channel attack
[1.4.5-10]
- Add GCRYCTL_SET_ENFORCED_FIPS_FLAG command
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
libgcrypt
1.4.4-7.el5_10
libgcrypt-devel
1.4.4-7.el5_10
Oracle Linux x86_64
libgcrypt
1.4.4-7.el5_10
libgcrypt-devel
1.4.4-7.el5_10
Oracle Linux i386
libgcrypt
1.4.4-7.el5_10
libgcrypt-devel
1.4.4-7.el5_10
Oracle Linux 6
Oracle Linux x86_64
libgcrypt
1.4.5-11.el6_4
libgcrypt-devel
1.4.5-11.el6_4
Oracle Linux i686
libgcrypt
1.4.5-11.el6_4
libgcrypt-devel
1.4.5-11.el6_4
Oracle Linux sparc64
libgcrypt
1.4.5-11.el6_4
Связанные CVE
Связанные уязвимости
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x ...
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.