-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: libgcrypt11 Binary: libgcrypt11-doc, libgcrypt11-dev, libgcrypt11-dbg, libgcrypt11, libgcrypt11-udeb Architecture: any all Version: 1.5.0-5+deb7u2 Maintainer: Debian GnuTLS Maintainers <[email protected]> Uploaders: Andreas Metzler <[email protected]>, Eric Dorland <[email protected]>, James Westby <[email protected]>, Simon Josefsson <[email protected]> Homepage: http://directory.fsf.org/project/libgcrypt/ Standards-Version: 3.9.2 Vcs-Browser: http://svn.debian.org/wsvn/pkg-gnutls/packages/libgcrypt11/trunk/ Vcs-Svn: svn://svn.debian.org/svn/pkg-gnutls/packages/libgcrypt11/trunk Build-Depends: debhelper (>> 8.1.3), texlive-latex-base, texlive-generic-recommended, texinfo (>= 4.6-0), cdbs (>= 0.4.93), libgpg-error-dev (>> 1.10-0.1), autotools-dev Package-List: libgcrypt11 deb libs standard libgcrypt11-dbg deb debug extra libgcrypt11-dev deb libdevel optional libgcrypt11-doc deb doc optional libgcrypt11-udeb udeb debian-installer optional Checksums-Sha1: 3e776d44375dc1a710560b98ae8437d5da6e32cf 1433506 libgcrypt11_1.5.0.orig.tar.bz2 357f85a6259863f01fac71253507d8bafb57c4ef 25046 libgcrypt11_1.5.0-5+deb7u2.debian.tar.gz Checksums-Sha256: 4b62fc516004940a0571025401a0581d49199f1a76dfb5ce6fd63f50db8173fa 1433506 libgcrypt11_1.5.0.orig.tar.bz2 1a95ebe16003cf9eeb430d1e0af645e647bdfc0d6eadc04d2cf7f663cef14f99 25046 libgcrypt11_1.5.0-5+deb7u2.debian.tar.gz Files: 693f9c64d50c908bc4d6e01da3ff76d8 1433506 libgcrypt11_1.5.0.orig.tar.bz2 7ae3811b6631fcc391b816898e30ffa5 25046 libgcrypt11_1.5.0-5+deb7u2.debian.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJUZae8AAoJEAVMuPMTQ89EsyUP/iuDRkBLmW7EzzICPTkdjYR2 C8z48eHn3OKUrYd4XvaC5RQNtwpcPXyPtuzHQ2aY8mbj8jQX7rPZtoZGtvTuQ+/f jAjk60AKrY4jJgMN6H60eKi362nqp/vW3I4fY9puEddOvrm8vJSx3hSf946OcKJX 48uJV2yC+5GxHn+QeWw2RazVENAGutFVLU15Qz9LPgu6cTwPCjR4ICcqYxPaljUg K8Qg22KMYTuG5cbX8ZvMWTDplVU4vjf5S2CQ6mqcoBQDH6yI7GHwepjR0PVfyLYI qNcDIXZhZcxuVvevzL5iWnGHEudeWtfQLiFSBs/k6DFVD0nKQbRpAWnBpzl7wurh xRexNRF35CTU9zX6x9Yah5MgjoiI8uQ7faj+TpMQyZ5jxg/rz3h1sDrylduu6hsn 22eUfC93Au9lI9qFrP1mOw2EYJ81N13t/FFdywdp+v+7/IWZ+WAq72G6ecA3wj2v qSE6EOQR5Lt3MwwFRoABIsTG8NiXUwqOUKxab20EFfp+ggx1ZerGI1lCAQ8vu46P VdOJphyeFtFSWOmAEwEiZlhycykkx13CSEluurrNm8Xbw6lD+UbpaXA263BmWUed cDvtaK8Taw8yQID2oHJW+mPL9zZ/BGlm+NNO1JL7c2kizuU26KdJ6ShvddVw+ZdJ Yfiiqc95irmjqXnLMWMh =eok0 -----END PGP SIGNATURE----- Changes: libgcrypt11 (1.5.0-5+deb7u2) wheezy-security; urgency=high * Non-maintainer upload by the Security Team. * Add 37_Replace-deliberate-division-by-zero-with-_gcry_divid.patch patch. Replace deliberate division by zero with _gcry_divide_by_zero. * Add 38_CVE-2014-5270.patch patch. CVE-2014-5270: side-channel attack on Elgamal encryption subkeys. Cryptanalysis attack as described by Genkin, Pipman and Tromer. See <http://www.cs.tau.ac.il/~tromer/handsoff/> -- Salvatore Bonaccorso <[email protected]> Fri, 14 Nov 2014 07:44:40 +0100
