-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 3.0 (quilt) Source: libgcrypt11 Binary: libgcrypt11-doc, libgcrypt11-dev, libgcrypt11-dbg, libgcrypt11, libgcrypt11-udeb Architecture: any all Version: 1.5.0-5+deb7u3 Maintainer: Debian GnuTLS Maintainers <[email protected]> Uploaders: Andreas Metzler <[email protected]>, Eric Dorland <[email protected]>, James Westby <[email protected]>, Simon Josefsson <[email protected]> Homepage: http://directory.fsf.org/project/libgcrypt/ Standards-Version: 3.9.2 Vcs-Browser: http://svn.debian.org/wsvn/pkg-gnutls/packages/libgcrypt11/trunk/ Vcs-Svn: svn://svn.debian.org/svn/pkg-gnutls/packages/libgcrypt11/trunk Build-Depends: debhelper (>> 8.1.3), texlive-latex-base, texlive-generic-recommended, texinfo (>= 4.6-0), cdbs (>= 0.4.93), libgpg-error-dev (>> 1.10-0.1), autotools-dev Package-List: libgcrypt11 deb libs standard libgcrypt11-dbg deb debug extra libgcrypt11-dev deb libdevel optional libgcrypt11-doc deb doc optional libgcrypt11-udeb udeb debian-installer optional Checksums-Sha1: 3e776d44375dc1a710560b98ae8437d5da6e32cf 1433506 libgcrypt11_1.5.0.orig.tar.bz2 b87eb6fabceb905258d6cd8ffe49281cd40fbd2b 28910 libgcrypt11_1.5.0-5+deb7u3.debian.tar.gz Checksums-Sha256: 4b62fc516004940a0571025401a0581d49199f1a76dfb5ce6fd63f50db8173fa 1433506 libgcrypt11_1.5.0.orig.tar.bz2 fdd111ffef4d4b9fc0ff4d47b74483b5a3d6a9bd589ea11db351869e52631fbf 28910 libgcrypt11_1.5.0-5+deb7u3.debian.tar.gz Files: 693f9c64d50c908bc4d6e01da3ff76d8 1433506 libgcrypt11_1.5.0.orig.tar.bz2 a856c7b1c74473ae02a5269a7f7b3f17 28910 libgcrypt11_1.5.0-5+deb7u3.debian.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVALGgAAoJEK+lG9bN5XPLULcP/iJRyJMWk5rc1F+0lxhgvETg yAvEXssMftsCg6Poe8tlyqjvjabShi+1eALQF46KuXWo+tguiDO8UIOkpIRM/f3M VEi4Lw8phaupjm+fMDFaom4/Vh53wLtsCapin8mPLy64uUUtEYEurrkGm8tm/2lr jF1A67AemOcjYaDLud9yfGmro2iXJVXuCuiCUC2FoWk/pCnMNstEbwhwe2mioYmA BoY/GNZ1uUIGbpoeCLNzRm7sTkyL6VJ7py19EiIk9OjpioOAkjaHgswpeyQ2JJK9 TZzGRQi1CmotzJ7w0YKqfNK+BwO3xfbyNRHgqkjR7brucNP3FdThCwP0GKk1jp0x VpELYYo3moVzdyvCnO2g2mq0QJVEqhGLmsFWKUhUoROY4ex3znz2fVlCC90s9T81 hwBta5sp9x7zwx4jBgK3ma9krvZemGDN7K50mow3bNlnrJUiSJ9ciSMgJKItyp+Q H3oe44cl16phzp+EjY45s9AQF7gLq99IBX4OXDvzgiiMbXCf2/jpjqb9s6W7J0ZZ lYrRU0shl+h8SS0XbzK04Tc7szyxocXI78UEbp14IhgNeoSLeIFKggSd6RR0590/ IszZXpd48z6pZpwxeRst7sO/KAJqxvLr/WcjinXqFtj7+k7KCHUXXDCL9qEsuTnT O8oeOG/7kuLNT1Uxagta =rBXI -----END PGP SIGNATURE----- Changes: libgcrypt11 (1.5.0-5+deb7u3) wheezy-security; urgency=high * Use ciphertext blinding for Elgamal decryption to counteract a side-channel attack as per CVE-2014-3591 * Fix data-dependent timing variations in the modular exponentiation function that could be used to mount a side-channel attack as per CVE-2015-0837 -- Alessandro Ghedini <[email protected]> Wed, 04 Mar 2015 19:39:20 +0100
