Описание
Security update for libgcrypt
libgcrypt was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-7511: Side-channel attack on ECDH with Weierstrass curves (bsc#965902).
Список пакетов
SUSE Linux Enterprise Desktop 12
libgcrypt20-1.6.1-16.27.1
libgcrypt20-32bit-1.6.1-16.27.1
SUSE Linux Enterprise Desktop 12 SP1
libgcrypt20-1.6.1-16.27.1
libgcrypt20-32bit-1.6.1-16.27.1
SUSE Linux Enterprise Server 12
libgcrypt20-1.6.1-16.27.1
libgcrypt20-32bit-1.6.1-16.27.1
libgcrypt20-hmac-1.6.1-16.27.1
libgcrypt20-hmac-32bit-1.6.1-16.27.1
SUSE Linux Enterprise Server 12 SP1
libgcrypt20-1.6.1-16.27.1
libgcrypt20-32bit-1.6.1-16.27.1
libgcrypt20-hmac-1.6.1-16.27.1
libgcrypt20-hmac-32bit-1.6.1-16.27.1
SUSE Linux Enterprise Server for SAP Applications 12
libgcrypt20-1.6.1-16.27.1
libgcrypt20-32bit-1.6.1-16.27.1
libgcrypt20-hmac-1.6.1-16.27.1
libgcrypt20-hmac-32bit-1.6.1-16.27.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
libgcrypt20-1.6.1-16.27.1
libgcrypt20-32bit-1.6.1-16.27.1
libgcrypt20-hmac-1.6.1-16.27.1
libgcrypt20-hmac-32bit-1.6.1-16.27.1
SUSE Linux Enterprise Software Development Kit 12
libgcrypt-devel-1.6.1-16.27.1
SUSE Linux Enterprise Software Development Kit 12 SP1
libgcrypt-devel-1.6.1-16.27.1
Ссылки
- Link for SUSE-SU-2016:1089-1
- E-Mail link for SUSE-SU-2016:1089-1
- SUSE Security Ratings
- SUSE Bug 965902
- SUSE CVE CVE-2015-7511 page
Описание
Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:libgcrypt20-1.6.1-16.27.1
SUSE Linux Enterprise Desktop 12 SP1:libgcrypt20-32bit-1.6.1-16.27.1
SUSE Linux Enterprise Desktop 12:libgcrypt20-1.6.1-16.27.1
SUSE Linux Enterprise Desktop 12:libgcrypt20-32bit-1.6.1-16.27.1
Ссылки
- CVE-2015-7511
- SUSE Bug 965902