Advisories » MGASA-2015-0360

Updated libgcrypt packages fix CVE-2015-0837

Publication date: 13 Sep 2015
Modification date: 13 Sep 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-0837

Description

Updated libgcrypt packages fix security vulnerability:

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that Libgcrypt was
susceptible to an attack via physical side channels. A local attacker could
use this attack to possibly recover private keys (CVE-2015-0837).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=15610
• http://www.ubuntu.com/usn/usn-2555-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0837

SRPMS

4/core

• libgcrypt-1.5.4-1.2.mga4