Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Preisgabe von Informationen in libgcrypt (Aktualisierung)
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in libgcrypt (Aktualisierung)
ID: USN-3347-2
Distribution: Ubuntu
Plattformen: Ubuntu 12.04 ESM
Datum: Mo, 17. Juli 2017, 23:30
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526
Update von: Zwei Probleme in libgcrypt

Originalnachricht


--===============1858216211044282599==
Content-Type: multipart/signed; micalg="pgp-sha256";
protocol="application/pgp-signature";
boundary="=-WSlGqgEQWuoYPYweG2Qe"


--=-WSlGqgEQWuoYPYweG2Qe
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

=======================================================================
===
Ubuntu Security Notice USN-3347-2
July 17, 2017

libgcrypt11 vulnerability
=======================================================================
===

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in Libgcrypt.

Software Description:
- libgcrypt11: LGPL Crypto library

Details:

USN-3347-1 fixed a vulnerability in Libgcrypt. This update provides the
corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot
 Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal,
and
 Yuval Yarom discovered that Libgcrypt was susceptible to an attack via
 side channels. A local attacker could use this attack to recover RSA
 private keys. (CVE-2017-7526)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  libgcrypt11                     1.5.0-3ubuntu0.7

In general, a standard system update will make all the necessary
changes.

References:
  https://www.ubuntu.com/usn/usn-3347-2
  https://www.ubuntu.com/usn/usn-3347-1
  CVE-2017-7526

--ÐSlGqgEQWuoYPYweG2Qe
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAABCAAGBQJZbQqJAAoJEEW851uECx9pK78QALYhdHvQAciy9kOn1bCcXWRS
DDxMweyWlLEdTPBMOilLBIqIH88WoYQ/7ZZ8slk1ssmVmxxZIgdbwV0wKx5RHCRN
hJokAkZDxX/+6UYk7RBKnJL1mf5BOQ6QZzfI4zRLyUprJAaEoMgxBIx+nuSreFB7
kohPCdGWd4oj2R+xt/a5DpMZ/770Dm1BF1VBkCws/F3uk8ZRmoMpJ0c3nO4IsbDj
kAaHlTZMFX/bn4PHmxOa7/sKiFbqfbhC6t9FwhIQD7EwSrx8zEL7MTJ8i/GaPKdo
hPSTmRk5yxPPRoCx9oSqcW4qdezBiMUxehCsk/A2cKphpJqY2vUx+/FFp1mhUqff
elXFCdVtxVAQj9Zs2596A0LDh2gZGBObKaYsn5wLsTCt2FfuyVcI5BwF70EiFsTM
uANMEEmbAmANmrDhaqDiH5aHdzpJPpLvm2JGtLh0/htDHvF6s70Npwlk4Ke6GZbS
guybrxS44CC2/Fbvg6BSMukmk8RbtXxy96himnHvK6zyY76klw6UqGwyWLtQ+itj
O+ppMmbxgcZoXD6H4tuuSnnuAgbY4yZJiWzNWvFCya15rZf+BG+orjUv98QZtfpY
rJCXJ4gdpchUsZmSk7QdD7a8R9OT1ByY8YYeQECuma3q1F0cVzJYdzFBdwqWDa/u
mPt2c+gfonprHm5hBdFF
=/YZn
-----END PGP SIGNATURE-----

--=-WSlGqgEQWuoYPYweG2Qe--



--===============1858216211044282599==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============1858216211044282599==--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung