drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in libgcrypt11
Name: |
Preisgabe von Informationen in libgcrypt11 |
|
ID: |
DSA-3478-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian wheezy |
|
Datum: |
Mo, 15. Februar 2016, 22:49 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7511 |
|
Applikationen: |
libgcrypt |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3478-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 15, 2016 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : libgcrypt11 CVE ID : CVE-2015-7511
Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that the ECDH secret decryption keys in applications using the libgcrypt11 library could be leaked via a side-channel attack.
See https://www.cs.tau.ac.IL/~tromer/ecdh/ for details.
For the oldstable distribution (wheezy), this problem has been fixed in version 1.5.0-5+deb7u4.
We recommend that you upgrade your libgcrypt11 packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJWwh9bAAoJEAVMuPMTQ89ERtwP/0kJcy66nl8rTu7Y/5MnVyJi jotYMdxZcNBqcZDKkQl8soZSzTgpYlRrnfdAZrxqr9FbHxvrA40z775hzG8fdwGx qIljTfeE1Wk5WCqEkX/381VByIpFtE80FKPgxYjdorkWiglgRWkeOwCj875MneWB l9mU1C2k+WCz9jXpSYzqiOECkDcMNmclPhoYZuWfkIdIg3w8Mdz1/4Uj2+jqQ/qD 6qSes8VVL7+pl947QOZ2n/daPzD3vmS1GeHNawC8NqqA5WwREcAq/QVAt8PSFPoY Qwh6YPGiKO0L6JMKPIT2JGxaWlij2PQBeEOnemejlsF4BZsOVoCH24gmknQMCIWv 9pXmJ9VtyQjrC6knVinTwUSQMNzWZZl3zDzF0kVMGM0kIJ5key/6Ruxmc1IuqXWm P9TMUOWARjGU9vw1IQgatSjErTl3Iti0oPasaS7P670IUZptGdqqQOMhniRDGU/c pHEq2l1DXQY4gu7P71ZJLQBY8L4vVyhlRKS38hXL484z5Pw+bgMvn0Oh9h6lapLL 6Ffh2x9qLrTSWYY/M4cMOLwQ50D+0KHlEjA6aQDtctaYCsFcc19Sqr66uxsBUQeU /OOA3oCdyIafaeD3ehUDpnyrhkQ0Z7D9rpkO+roQ+9H1QVYNby0XCFSbnqtjqgVt 1so9Evkrb7vVbH7B/u71 =i1hO -----END PGP SIGNATURE-----
|
|
|
|