[ MDVSA-2015:155 ] gnupg

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:155
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : gnupg
 Date    : March 29, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated gnupg and libgcrypt packages fix security vulnerabilities:
 
 GnuPG before 1.4.19 is vulnerable to a side-channel attack which can
 potentially lead to an information leak (CVE-2014-3591).
 
 GnuPG before 1.4.19 is vulnerable to a side-channel attack on
 data-dependent timing variations in modular exponentiation, which
 can potentially lead to an information leak (CVE-2015-0837).
 
 The gnupg package has been patched to correct these issues.
 
 GnuPG2 is vulnerable to these issues through the libgcrypt library.
 The issues

007 Software

[ MDVSA-2015:155 ] gnupg

Leave a Reply Cancel reply

Software and Security Information