Package: libgcrypt20 / 1.8.4-5+deb10u1
Metadata
| Package | Version | Patches format |
|---|---|---|
| libgcrypt20 | 1.8.4-5+deb10u1 | 3.0 (quilt) |
Patch series
view the series file| Patch | File delta | Description |
|---|---|---|
| 12_lessdeps_libgcrypt config.diff | (download) |
src/libgcrypt-config.in |
3 2 + 1 - 0 ! |
drop -lgpg-error from libgcrypt-config --libs output. |
| 15_multiarchpath_in_ L.diff | (download) |
src/libgcrypt-config.in |
3 2 + 1 - 0 ! |
do not print standard multiarch path
{/usr,}/lib/i386-linux-gnu are in the standard search path, there is no
need to explicitly point gcc there with a -L argument.
|
| 25_norevisionfromgit.diff | (download) |
configure.ac |
8 5 + 3 - 0 ! |
do not pull revision info from git Stop trying to pull version info from GIT when autoconf is run. |
| 30_doc Fix library initialization examples.patch | (download) |
doc/gcrypt.texi |
16 10 + 6 - 0 ! |
[patch] doc: fix library initialization examples Signed-off-by: Andreas Metzler <ametzler@bebt.de> |
| 31_cipher Fix ElGamal encryption for other implementati.patch | (download) |
cipher/elgamal.c |
24 6 + 18 - 0 ! |
[patch] cipher: fix elgamal encryption for other implementations.
* cipher/elgamal.c (gen_k): Remove support of smaller K.
(do_encrypt): Never use smaller K.
(sign): Folllow the change of gen_k.
--
Cherry-pick master commit of:
632d80ef30e13de6926d503aa697f92b5dbfbc5e
This change basically reverts encryption changes in two commits:
74386120dad6b3da62db37f7044267c8ef34689b
78531373a342aeb847950f404343a05e36022065
Use of smaller K for ephemeral key in ElGamal encryption is only good,
when we can guarantee that recipient's key is generated by our
implementation (or compatible).
For detail, please see:
Luca De Feo, Bertram Poettering, Alessandro Sorniotti,
"On the (in)security of ElGamal in OpenPGP";
in the proceedings of CCS'2021.
CVE-id: CVE-2021-33560
GnuPG-bug-id: 5328
Suggested-by: Luca De Feo, Bertram Poettering, Alessandro Sorniotti
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
1