|
|
Log in / Subscribe / Register

libgcrypt20: key leak

Package(s):libgcrypt20 CVE #(s):CVE-2015-7511
Created:February 12, 2016 Updated:August 8, 2016
Description: From the Debian advisory:

Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that the ECDH secret decryption keys in applications using the libgcrypt20 library could be leaked via a side-channel attack.

See https://www.cs.tau.ac.IL/~tromer/ecdh/ for details.

Alerts:
Gentoo 201610-04 libgcrypt 2016-10-10
Fedora FEDORA-2016-ec4c27d766 libgcrypt 2016-08-05
Fedora FEDORA-2016-83cd045bcc libgcrypt 2016-07-22
openSUSE openSUSE-SU-2016:1227-1 libgcrypt 2016-05-04
openSUSE openSUSE-SU-2016:0575-1 libgcrypt 2016-02-25
Arch Linux ASA-201602-19 libgcrypt 2016-02-25
Slackware SSA:2016-054-03 libgcrypt 2016-02-23
Mageia MGASA-2016-0072 libgcrypt 2016-02-17
Ubuntu USN-2896-1 libgcrypt11, libgcrypt20 2016-02-15
Debian DSA-3478-1 libgcrypt11 2016-02-15
Debian DSA-3474-1 libgcrypt20 2016-02-12
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds