lp://staging/ubuntu/trusty-updates/libgcrypt11
- Get this branch:
- bzr branch lp://staging/ubuntu/trusty-updates/libgcrypt11
Branch merges
Branch information
Recent revisions
- 42. By Marc Deslauriers
-
* SECURITY UPDATE: random number generator prediction
- debian/patches/ CVE-2016- 6313-1. patch: improve the diagram showing the
random mixing in random/random- csprng. c.
- debian/patches/ CVE-2016- 6313-2. patch: hash continuous areas in the
csprng pool in random/random- csprng. c.
- CVE-2016-6313 - 41. By Marc Deslauriers
-
* SECURITY UPDATE: side-channel attack on ECDH
- debian/patches/ CVE-2015- 7511.patch: perform input validation in
cipher/ecc.c, src/mpi.h, use constant-time multiplication in
mpi/ec.c.
- CVE-2015-7511 - 40. By Marc Deslauriers
-
* SECURITY UPDATE: sidechannel attack on Elgamal
- debian/patches/ CVE-2014- 3591.patch: use ciphertext blinding in
cipher/elgamal. c.
- CVE-2014-3591
* SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
- debian/patches/ CVE-2015- 0837.patch: avoid timing variations in
mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
- CVE-2015-0837 - 39. By Marc Deslauriers
-
* SECURITY UPDATE: side-channel attack on Elgamal encryption subkeys
- debian/patches/ add_gcry_ divide_ by_zero. patch: replace deliberate
division by zero with new _gcry_divide_by_zero( ).
- debian/patches/ CVE-2014- 5270.patch: use sliding window method for
exponentiation algorithm in mpi/mpi-pow.c.
- CVE-2014-5270 - 37. By Seth Arnold
-
* Merge from Debian unstable. Remaining changes:
- no-global-init-thread- callbacks. diff: Do not call global_init when
setting thread callbacks - 36. By Seth Arnold
-
* SECURITY UPDATE: The path of execution in an exponentiation function may
depend upon secret key data, allowing a local attacker to determine the
contents of the secret key through a side-channel attack.
- debian/patches/ CVE-2013- 4242.diff: always perform the mpi_mul for
exponents in secure memory. Based on upstream patch.
- CVE-2013-4242 - 35. By Adam Stokes
-
Reverts previous upload since it broke graphical login with gnupg-agent
installed (LP: #1076906) - 34. By Adam Stokes
-
[Howard Chu]
debian/patches/ enable- global- init-secure- memory. patch:
Fix regression during disable/suspend of secure memory
(LP: #1013798)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/utopic/libgcrypt11