Date: Fri, 30 Jun 2017 12:23:00 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 220382] security/libgcrypt: update to 1.7.8 (fix CVE-2017-7526) Message-ID: <bug-220382-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220382 Bug ID: 220382 Summary: security/libgcrypt: update to 1.7.8 (fix CVE-2017-7526) Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: cpm@freebsd.org Created attachment 183938 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D183938&action= =3Dedit patch-libgcrypt-1.7.8 - Update libgcrypt to 1.7.8 - Bump library version in pkg-plist Noteworthy changes in version 1.7.8 * Bug fixes: - Mitigate a flush+reload side-channel attack on RSA secret keys dubbed "Sliding right into disaster". For details see <https://eprint.iacr.org/2017/627>. [CVE-2017-7526] Changes: https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000408.html Binary compatibility report: https://abi-laboratory.pro/tracker/compat_report/libgcrypt/1.7.7/1.7.8/95cc= 7/abi_compat_report.html --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-220382-13>