You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa libgcrypt11

Sigurnosni nedostatak programskog paketa libgcrypt11

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

=======================================================================
===
Ubuntu Security Notice USN-3347-2
July 17, 2017

libgcrypt11 vulnerability
=======================================================================
===

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in Libgcrypt.

Software Description:
– libgcrypt11: LGPL Crypto library

Details:

USN-3347-1 fixed a vulnerability in Libgcrypt. This update provides the
corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot
 Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal,
and
 Yuval Yarom discovered that Libgcrypt was susceptible to an attack via
 side channels. A local attacker could use this attack to recover RSA
 private keys. (CVE-2017-7526)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  libgcrypt11                     1.5.0-3ubuntu0.7

In general, a standard system update will make all the necessary
changes.

References:
  https://www.ubuntu.com/usn/usn-3347-2
  https://www.ubuntu.com/usn/usn-3347-1
  CVE-2017-7526
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJZbQqJAAoJEEW851uECx9pK78QALYhdHvQAciy9kOn1bCcXWRS
DDxMweyWlLEdTPBMOilLBIqIH88WoYQ/7ZZ8slk1ssmVmxxZIgdbwV0wKx5RHCRN
hJokAkZDxX/+6UYk7RBKnJL1mf5BOQ6QZzfI4zRLyUprJAaEoMgxBIx+nuSreFB7
kohPCdGWd4oj2R+xt/a5DpMZ/770Dm1BF1VBkCws/F3uk8ZRmoMpJ0c3nO4IsbDj
kAaHlTZMFX/bn4PHmxOa7/sKiFbqfbhC6t9FwhIQD7EwSrx8zEL7MTJ8i/GaPKdo
hPSTmRk5yxPPRoCx9oSqcW4qdezBiMUxehCsk/A2cKphpJqY2vUx+/FFp1mhUqff
elXFCdVtxVAQj9Zs2596A0LDh2gZGBObKaYsn5wLsTCt2FfuyVcI5BwF70EiFsTM
uANMEEmbAmANmrDhaqDiH5aHdzpJPpLvm2JGtLh0/htDHvF6s70Npwlk4Ke6GZbS
guybrxS44CC2/Fbvg6BSMukmk8RbtXxy96himnHvK6zyY76klw6UqGwyWLtQ+itj
O+ppMmbxgcZoXD6H4tuuSnnuAgbY4yZJiWzNWvFCya15rZf+BG+orjUv98QZtfpY
rJCXJ4gdpchUsZmSk7QdD7a8R9OT1ByY8YYeQECuma3q1F0cVzJYdzFBdwqWDa/u
mPt2c+gfonprHm5hBdFF
=/YZn
—–END PGP SIGNATURE—–

AutorVlatka Misic
Cert idNCERT-REF-2017-07-0120-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Ranjivost Cisco WebEx programskog paketa

Otkrivena je ranjivosti u Cisco WebEx dodatku za web preglednike Chrome i Firefox podržane na Windows operacijskom sustavu. Ranjivost potencijalnom...

Close