openSUSE-SU-2016:1227-1

Опубликовано: 04 мая 2016

Источник: suse-cvrf

Описание

Security update for libgcrypt

libgcrypt was updated to fix one security issue.

This security issue was fixed:

CVE-2015-7511: Side-channel attack on ECDH with Weierstrass curves (bsc#965902).

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.1

libgcrypt-1.6.1-26.1

libgcrypt-cavs-1.6.1-26.1

libgcrypt-devel-1.6.1-26.1

libgcrypt-devel-32bit-1.6.1-26.1

libgcrypt20-1.6.1-26.1

libgcrypt20-32bit-1.6.1-26.1

libgcrypt20-hmac-1.6.1-26.1

libgcrypt20-hmac-32bit-1.6.1-26.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-05/msg00027.html
E-Mail link for openSUSE-SU-2016:1227-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.

Затронутые продукты

openSUSE Leap 42.1:libgcrypt-1.6.1-26.1

openSUSE Leap 42.1:libgcrypt-cavs-1.6.1-26.1

openSUSE Leap 42.1:libgcrypt-devel-1.6.1-26.1

openSUSE Leap 42.1:libgcrypt-devel-32bit-1.6.1-26.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-7511.html
CVE-2015-7511
https://bugzilla.suse.com/965902
SUSE Bug 965902

openSUSE-SU-2016:1227-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2015-7511

Описание

Затронутые продукты

Ссылки