Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 8 Sep 2015 12:05:34 +0200
From: Marcus Meissner <>
To: OSS Security List <>,
Subject: CVE Request: libgcrypt hardening for RSA-CRT leak


Redhat has published a paper on RSA-CRT keyleakage.

There was a CVE assigned for this issue CVE-2015-5738, but the software scope of this assigned is not clear.

libgcrypt has published a hardening fix for the same issue.;a=commit;h=b85c8d6645039fc9d403791750510e439731d479

Should it get a new CVE?

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ