Fedora 20 Security Update: gnupg-1.4.19-2.fc20

March 5, 2015 007admin Leave a comment

Resolved Bugs
1198154 – CVE-2015-0837 CVE-2014-3591 gnupg: various flaws [fedora-all]
1198145 – CVE-2014-3591 libgcrypt: use ciphertext blinding for Elgamal decryption (new side-channel attack)
1198147 – CVE-2015-0837 libgcrypt: last-level cache side-channel attack<br
New upstream v1.4.19
Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]
Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837]
Add AUTOPOINT=true to autoreconf so that it will build with gettext 0.18.x

007 Software

Fedora 20 Security Update: gnupg-1.4.19-2.fc20

Leave a Reply Cancel reply

Software and Security Information