Описание
Security update for libgcrypt
This update for libgcrypt fixes the following issues:
- RNG prediction vulnerability (bsc#994157, CVE-2016-6313)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
libgcrypt11-1.5.0-0.22.1
libgcrypt11-32bit-1.5.0-0.22.1
libgcrypt11-x86-1.5.0-0.22.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libgcrypt11-1.5.0-0.22.1
libgcrypt11-32bit-1.5.0-0.22.1
libgcrypt11-x86-1.5.0-0.22.1
SUSE Linux Enterprise Software Development Kit 11 SP4
libgcrypt-devel-1.5.0-0.22.1
libgcrypt-devel-32bit-1.5.0-0.22.1
Ссылки
- Link for SUSE-SU-2016:2346-1
- E-Mail link for SUSE-SU-2016:2346-1
- SUSE Security Ratings
- SUSE Bug 994157
- SUSE CVE CVE-2016-6313 page
Описание
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libgcrypt11-1.5.0-0.22.1
SUSE Linux Enterprise Server 11 SP4:libgcrypt11-32bit-1.5.0-0.22.1
SUSE Linux Enterprise Server 11 SP4:libgcrypt11-x86-1.5.0-0.22.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:libgcrypt11-1.5.0-0.22.1
Ссылки
- CVE-2016-6313
- SUSE Bug 1123792
- SUSE Bug 994157