FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
689c2bf7-0701-11e3-9a25-002590860428	GnuPG and Libgcrypt -- side-channel attack vulnerability Werner Koch of the GNU project reports: Noteworthy changes in version 1.5.3: Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys... Note that Libgcrypt is used by GnuPG 2.x and thus this release fixes the above problem. The fix for GnuPG less than 2.0 can be found in the just released GnuPG 1.4.14. Discovery 2013-07-18 Entry 2013-08-17 libgcrypt < 1.5.3 linux-f10-libgcrypt < 1.5.3 CVE-2013-4242 http://eprint.iacr.org/2013/448 http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000329.html http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html

VuXML ID

Description

689c2bf7-0701-11e3-9a25-002590860428

GnuPG and Libgcrypt -- side-channel attack vulnerability

Werner Koch of the GNU project reports:

Noteworthy changes in version 1.5.3:

Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys...

Note that Libgcrypt is used by GnuPG 2.x and thus this release fixes the above problem. The fix for GnuPG less than 2.0 can be found in the just released GnuPG 1.4.14.

Discovery 2013-07-18
Entry 2013-08-17
libgcrypt

< 1.5.3

linux-f10-libgcrypt

< 1.5.3

CVE-2013-4242
http://eprint.iacr.org/2013/448
http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000329.html
http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html