openSUSE-SU-2016:2423-1

Опубликовано: 30 сент. 2016

Источник: suse-cvrf

Описание

Security update for libgcrypt

This update for libgcrypt fixes the following issues:

RNG prediction vulnerability (bsc#994157, CVE-2016-6313)

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.1

libgcrypt-1.6.1-32.1

libgcrypt-cavs-1.6.1-32.1

libgcrypt-devel-1.6.1-32.1

libgcrypt-devel-32bit-1.6.1-32.1

libgcrypt20-1.6.1-32.1

libgcrypt20-32bit-1.6.1-32.1

libgcrypt20-hmac-1.6.1-32.1

libgcrypt20-hmac-32bit-1.6.1-32.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-09/msg00108.html
E-Mail link for openSUSE-SU-2016:2423-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.

Затронутые продукты

openSUSE Leap 42.1:libgcrypt-1.6.1-32.1

openSUSE Leap 42.1:libgcrypt-cavs-1.6.1-32.1

openSUSE Leap 42.1:libgcrypt-devel-1.6.1-32.1

openSUSE Leap 42.1:libgcrypt-devel-32bit-1.6.1-32.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-6313.html
CVE-2016-6313
https://bugzilla.suse.com/1123792
SUSE Bug 1123792
https://bugzilla.suse.com/994157
SUSE Bug 994157

openSUSE-SU-2016:2423-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-6313

Описание

Затронутые продукты

Ссылки