Описание
ELSA-2022-9263: libgcrypt security update (MODERATE)
[1.8.5-6_fips]
- Add API to provide hash calculation in RSA/DSA/ECDSA signature operations [Orabug: 33081130]
- Change Epoch from 1 to 10
[1.8.5-6]
- Fix for CVE-2021-33560 (#1971421)
- Enable HW optimizations in FIPS (#1976137)
- Performance enchancements for ChaCha20 and Poly1305 (#1855231)
[1.8.5-5]
- Performance enchancements for AES-GCM, CRC32 and SHA2 (#1855231)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
libgcrypt
1.8.5-6.el8_fips
libgcrypt-devel
1.8.5-6.el8_fips
Oracle Linux x86_64
libgcrypt
1.8.5-6.el8_fips
libgcrypt-devel
1.8.5-6.el8_fips
Связанные CVE
Связанные уязвимости
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encry ...