drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in libgcrypt (Aktualisierung)
Name: |
Preisgabe von Informationen in libgcrypt (Aktualisierung) |
|
ID: |
USN-3347-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 ESM |
|
Datum: |
Mo, 17. Juli 2017, 23:30 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526 |
|
Applikationen: |
libgcrypt |
|
Update von: |
Zwei Probleme in libgcrypt |
|
Originalnachricht |
--===============1858216211044282599== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-WSlGqgEQWuoYPYweG2Qe"
--=-WSlGqgEQWuoYPYweG2Qe Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
======================================================================= === Ubuntu Security Notice USN-3347-2 July 17, 2017
libgcrypt11 vulnerability ======================================================================= ===
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in Libgcrypt.
Software Description: - libgcrypt11: LGPL Crypto library
Details:
USN-3347-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
 Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot  Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and  Yuval Yarom discovered that Libgcrypt was susceptible to an attack via  side channels. A local attacker could use this attack to recover RSA  private keys. (CVE-2017-7526)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: Â libgcrypt11Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 1.5.0-3ubuntu0.7
In general, a standard system update will make all the necessary changes.
References: Â https://www.ubuntu.com/usn/usn-3347-2 Â https://www.ubuntu.com/usn/usn-3347-1 Â CVE-2017-7526
--ÐSlGqgEQWuoYPYweG2Qe Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAABCAAGBQJZbQqJAAoJEEW851uECx9pK78QALYhdHvQAciy9kOn1bCcXWRS DDxMweyWlLEdTPBMOilLBIqIH88WoYQ/7ZZ8slk1ssmVmxxZIgdbwV0wKx5RHCRN hJokAkZDxX/+6UYk7RBKnJL1mf5BOQ6QZzfI4zRLyUprJAaEoMgxBIx+nuSreFB7 kohPCdGWd4oj2R+xt/a5DpMZ/770Dm1BF1VBkCws/F3uk8ZRmoMpJ0c3nO4IsbDj kAaHlTZMFX/bn4PHmxOa7/sKiFbqfbhC6t9FwhIQD7EwSrx8zEL7MTJ8i/GaPKdo hPSTmRk5yxPPRoCx9oSqcW4qdezBiMUxehCsk/A2cKphpJqY2vUx+/FFp1mhUqff elXFCdVtxVAQj9Zs2596A0LDh2gZGBObKaYsn5wLsTCt2FfuyVcI5BwF70EiFsTM uANMEEmbAmANmrDhaqDiH5aHdzpJPpLvm2JGtLh0/htDHvF6s70Npwlk4Ke6GZbS guybrxS44CC2/Fbvg6BSMukmk8RbtXxy96himnHvK6zyY76klw6UqGwyWLtQ+itj O+ppMmbxgcZoXD6H4tuuSnnuAgbY4yZJiWzNWvFCya15rZf+BG+orjUv98QZtfpY rJCXJ4gdpchUsZmSk7QdD7a8R9OT1ByY8YYeQECuma3q1F0cVzJYdzFBdwqWDa/u mPt2c+gfonprHm5hBdFF =/YZn -----END PGP SIGNATURE-----
--=-WSlGqgEQWuoYPYweG2Qe--
--===============1858216211044282599== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1858216211044282599==--
|
|
|
|