Date: Mon, 11 Aug 2014 14:50:13 +1000 From: Murray McAllister <mmcallis@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE request: libgcrypt, ELGAMAL side-channel attack Hi, libgcrypt older than 1.6.0, and older than 1.5.4, are vulnerable to a ELGAMAL side-channel attack: http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000352.html https://lists.fedoraproject.org/pipermail/security-team/2014-August/000055.html (This may be similar sort of issue to CVE-2013-4242.) Can a CVE please be a assigned if one has not been already? Thanks, -- Murray McAllister / Red Hat Product Security https://bugzilla.redhat.com/show_bug.cgi?id=988589 https://bugzilla.redhat.com/show_bug.cgi?id=1128531
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ