Описание
Security update for libgcrypt
This update for libgcrypt fixes the following issues:
Security issues fixed:
- CVE-2019-13627: Mitigated ECDSA timing attack. (bsc#1148987)
Список пакетов
Container suse/sle15:15.0
libgcrypt20-1.8.2-6.20.1
SUSE Linux Enterprise Module for Basesystem 15
libgcrypt-devel-1.8.2-6.20.1
libgcrypt20-1.8.2-6.20.1
libgcrypt20-32bit-1.8.2-6.20.1
libgcrypt20-hmac-1.8.2-6.20.1
libgcrypt20-hmac-32bit-1.8.2-6.20.1
Ссылки
- Link for SUSE-SU-2019:2349-1
- E-Mail link for SUSE-SU-2019:2349-1
- SUSE Security Ratings
- SUSE Bug 1148987
- SUSE CVE CVE-2019-13627 page
Описание
It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.
Затронутые продукты
Container suse/sle15:15.0:libgcrypt20-1.8.2-6.20.1
SUSE Linux Enterprise Module for Basesystem 15:libgcrypt-devel-1.8.2-6.20.1
SUSE Linux Enterprise Module for Basesystem 15:libgcrypt20-1.8.2-6.20.1
SUSE Linux Enterprise Module for Basesystem 15:libgcrypt20-32bit-1.8.2-6.20.1
Ссылки
- CVE-2019-13627
- SUSE Bug 1148987