You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa libgcrypt11

Sigurnosni nedostaci programskog paketa libgcrypt11

by ncert - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LDE

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-3478-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 15, 2016 https://www.debian.org/security/faq
– ————————————————————————-

Package : libgcrypt11
CVE ID : CVE-2015-7511

Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered
that the ECDH secret decryption keys in applications using the
libgcrypt11 library could be leaked via a side-channel attack.

See https://www.cs.tau.ac.IL/~tromer/ecdh/ for details.

For the oldstable distribution (wheezy), this problem has been fixed
in version 1.5.0-5+deb7u4.

We recommend that you upgrade your libgcrypt11 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJWwh9bAAoJEAVMuPMTQ89ERtwP/0kJcy66nl8rTu7Y/5MnVyJi
jotYMdxZcNBqcZDKkQl8soZSzTgpYlRrnfdAZrxqr9FbHxvrA40z775hzG8fdwGx
qIljTfeE1Wk5WCqEkX/381VByIpFtE80FKPgxYjdorkWiglgRWkeOwCj875MneWB
l9mU1C2k+WCz9jXpSYzqiOECkDcMNmclPhoYZuWfkIdIg3w8Mdz1/4Uj2+jqQ/qD
6qSes8VVL7+pl947QOZ2n/daPzD3vmS1GeHNawC8NqqA5WwREcAq/QVAt8PSFPoY
Qwh6YPGiKO0L6JMKPIT2JGxaWlij2PQBeEOnemejlsF4BZsOVoCH24gmknQMCIWv
9pXmJ9VtyQjrC6knVinTwUSQMNzWZZl3zDzF0kVMGM0kIJ5key/6Ruxmc1IuqXWm
P9TMUOWARjGU9vw1IQgatSjErTl3Iti0oPasaS7P670IUZptGdqqQOMhniRDGU/c
pHEq2l1DXQY4gu7P71ZJLQBY8L4vVyhlRKS38hXL484z5Pw+bgMvn0Oh9h6lapLL
6Ffh2x9qLrTSWYY/M4cMOLwQ50D+0KHlEjA6aQDtctaYCsFcc19Sqr66uxsBUQeU
/OOA3oCdyIafaeD3ehUDpnyrhkQ0Z7D9rpkO+roQ+9H1QVYNby0XCFSbnqtjqgVt
1so9Evkrb7vVbH7B/u71
=i1hO
—–END PGP SIGNATURE—–

AutorAndrej Sefic
Cert idNCERT-REF-2016-02-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
ncert
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa qemu

Otkriveni su sigurnosni nedostaci u programskom paketu qemu za operacijski sustav Suse. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje napada uskraćivanja...

Close