libgcrypt-1.4.4-7.AXS3
エラータID: AXSA:2013-678:01
Release date:
Monday, November 25, 2013 - 13:45
Subject:
libgcrypt-1.4.4-7.AXS3
Affected Channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version.
Security issues fixed with this release:
• CVE-2013-4242
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
Solution:
Update packages.
CVEs:
CVE-2013-4242
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
Additional Info:
N/A
Download:
SRPMS
- libgcrypt-1.4.4-7.AXS3.src.rpm
MD5: 80f259aefe7bb786a2e30238421fb54e
SHA-256: 1d5a2eddc16d26ad424f79416adea09ed15288557054dfc23737e7e00af95e0a
Size: 1.13 MB
Asianux Server 3 for x86
- libgcrypt-1.4.4-7.AXS3.i386.rpm
MD5: d776364cab78cd16446233553a9a9c7b
SHA-256: b6a996f3c54b8bb2e8aa464b35445712ccd48f0e69de483e807d3902f24d2d79
Size: 250.82 kB - libgcrypt-devel-1.4.4-7.AXS3.i386.rpm
MD5: 16d9b8f1d4c831afb60d2230a6bdb713
SHA-256: 66ba24edfca6055caf64619c8d87a5872f57df129e102598219895fce7d66a38
Size: 395.57 kB
Asianux Server 3 for x86_64
- libgcrypt-1.4.4-7.AXS3.x86_64.rpm
MD5: 04c335d2ae153a14a1a70e3b5631edd2
SHA-256: 0b0aaf5cfb234af4eb8a93d8dab0560941581e71127f7d52d68c63f024cba2ab
Size: 233.52 kB - libgcrypt-devel-1.4.4-7.AXS3.x86_64.rpm
MD5: 34a0a644c8638c08eda7420c124e4489
SHA-256: 0347f851c457b306e497e977e641ad89bcb9740e87624ecb06254c92de1745d5
Size: 384.64 kB