Ubuntu Security Notice 3733-2 - USN-3733-1 fixed a vulnerability in GnuPG. This update provides the corresponding update for Ubuntu 12.04 ESM. Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that GnuPG is vulnerable to a cache side- channel attack. A local attacker could use this attack to recover RSA private keys. Various other issues were also addressed.
817cfd19cf50cae7760c3417576d5726f44022f1b1c841a3e0a3e23a7fad11f8Ubuntu Security Notice 3733-1 - Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that GnuPG is vulnerable to a cache side-channel attack. A local attacker could use this attack to recover RSA private keys.
6081868b6937ce04c1afb73d5b0c1cade9750163429be840a37a60165ab52e99Slackware Security Advisory - New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
ac7b53ebf1c3f9b75baf51f26cc313718a5582023389ed40e6ad93f7bd09168fUbuntu Security Notice 3347-2 - USN-3347-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding update for Ubuntu 12.04 ESM. A Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot A Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and A Yuval Yarom discovered that Libgcrypt was susceptible to an attack via A side channels. A local attacker could use this attack to recover RSA A private keys. Various other issues were also addressed.
cef9c437283906f956e60f6df98ddc0f810f887f63be10ecd8f7232cf64dd7e6Ubuntu Security Notice 3347-1 - Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that Libgcrypt was susceptible to an attack via side channels. A local attacker could use this attack to recover RSA private keys. It was discovered that Libgcrypt was susceptible to an attack via side channels. A local attacker could use this attack to possibly recover EdDSA private keys. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04. Various other issues were also addressed.
99f000f63d5c3d36e35cb45731868ca37158b8a5396e4620eddbafd6657a3cabDebian Linux Security Advisory 3901-1 - Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal and Yuval Yarom discovered that Libgcrypt is prone to a local side-channel attack allowing full key recovery for RSA-1024.
f38cd2eb51e615eda4d90e6e35da580f9b63bef09132936eeb26203cba4eb89c
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed