libgcrypt-1.8.5-4.el8
エラータID: AXSA:2020-1018:01
The libgcrypt library provides general-purpose implementations of various cryptographic algorithms.
The following packages have been upgraded to a later upstream version: libgcrypt (1.8.5).
Security Fix(es):
* libgcrypt: ECDSA timing attack allowing private key leak (CVE-2019-13627)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 8.3 Release Notes linked from the References section.
CVE-2019-13627
It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.
Update packages.
It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.
N/A
SRPMS
- libgcrypt-1.8.5-4.el8.src.rpm
MD5: ad5be8660705da62b40a60a9d37d540b
SHA-256: 105b0a641ec3c00879f80a8a695290641305ac07d6eb82812cbd98b80b220d6d
Size: 2.61 MB
Asianux Server 8 for x86_64
- libgcrypt-1.8.5-4.el8.x86_64.rpm
MD5: 67e4e9e2d361727db7ddcd7d879980a7
SHA-256: 963e258ad6c6efce71675d7c3bd04caef2263cc49c92fcf5648a8a6519432ade
Size: 461.43 kB - libgcrypt-devel-1.8.5-4.el8.x86_64.rpm
MD5: 91d24313dc07e39c552092b08a61cf07
SHA-256: db516674f4bb5b8532e8ec4afc8555482851cd8eb079ec42bc0c2570cffe80d1
Size: 148.11 kB - libgcrypt-1.8.5-4.el8.i686.rpm
MD5: d9569fdc79ec858c45aec8cba28a5bf0
SHA-256: 6feb3eca8b730d0d38153c2b1620eacbb982fd8ffa1aaf6cf1c38a3207f3ac30
Size: 444.43 kB - libgcrypt-devel-1.8.5-4.el8.i686.rpm
MD5: 691001bfbd6c952b08800f89091e7e14
SHA-256: fec0b986c12b99fc8ad383443e1c50db0297dd4cf751f897070cc68c2f1cfab7
Size: 148.20 kB
日本語