Univention Bugzilla – Bug 37922
libgcrypt11: Side channel attacks (4.0)
Last modified: 2017-10-26 13:54:45 CEST
Side-channel attack on El-Gamal keys (CVE-2014-3591) Side-channel attack in the mpi_pow() function (CVE-2015-0837)
Fix available in Debian version 1.5.0-5+deb7u3
Compiled 1.5.0-5+deb7u3 in scope errata4.0-3 YAML (r63391): 2015-09-01-libgcrypt11.yaml
OK: DEBIAN_FRONTEND=noninteractive aptitude install -y '?source-package(^libgcrypt11$)~i' OK: DEBIAN_FRONTEND=noninteractive aptitude install -y '?source-package(^libgcrypt11$)?not(?name(udeb))' OK: /usr/share/doc/libgcrypt11/changelog.Debian.gz OK: wget -O- https://www.univention.de/ >/dev/null OK: r63391 OK: CVE-2014-3591 OK: CVE-2015-0837 OK: 2015-09-01-libgcrypt11.yaml OK: errata-announce -V 2015-09-01-libgcrypt11.yaml
<http://errata.software-univention.de/ucs/4.0/319.html>