Created by Ubuntu Package Importer on 2014-09-03 and last modified on 2016-08-17
Get this branch:
bzr branch lp:ubuntu/trusty-security/libgcrypt11
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

42. By Marc Deslauriers on 2016-08-17

* SECURITY UPDATE: random number generator prediction
  - debian/patches/CVE-2016-6313-1.patch: improve the diagram showing the
    random mixing in random/random-csprng.c.
  - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
    csprng pool in random/random-csprng.c.
  - CVE-2016-6313

41. By Marc Deslauriers on 2016-02-10

* SECURITY UPDATE: side-channel attack on ECDH
  - debian/patches/CVE-2015-7511.patch: perform input validation in
    cipher/ecc.c, src/mpi.h, use constant-time multiplication in
  - CVE-2015-7511

40. By Marc Deslauriers on 2015-03-26

* SECURITY UPDATE: sidechannel attack on Elgamal
  - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
  - CVE-2014-3591
* SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
  - debian/patches/CVE-2015-0837.patch: avoid timing variations in
    mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
  - CVE-2015-0837

39. By Marc Deslauriers on 2014-08-19

* SECURITY UPDATE: side-channel attack on Elgamal encryption subkeys
  - debian/patches/add_gcry_divide_by_zero.patch: replace deliberate
    division by zero with new _gcry_divide_by_zero().
  - debian/patches/CVE-2014-5270.patch: use sliding window method for
    exponentiation algorithm in mpi/mpi-pow.c.
  - CVE-2014-5270

38. By Matthias Klose on 2013-12-17

Move texinfo to Build-Depends.

37. By Seth Arnold on 2013-11-27

* Merge from Debian unstable. Remaining changes:
  - no-global-init-thread-callbacks.diff: Do not call global_init when
    setting thread callbacks

36. By Seth Arnold on 2013-08-13

* SECURITY UPDATE: The path of execution in an exponentiation function may
  depend upon secret key data, allowing a local attacker to determine the
  contents of the secret key through a side-channel attack.
  - debian/patches/CVE-2013-4242.diff: always perform the mpi_mul for
    exponents in secure memory. Based on upstream patch.
  - CVE-2013-4242

35. By Adam Stokes on 2012-11-09

Reverts previous upload since it broke graphical login with gnupg-agent
installed (LP: #1076906)

34. By Adam Stokes on 2012-11-05

[Howard Chu]
Fix regression during disable/suspend of secure memory
(LP: #1013798)

33. By Adam Stokes on 2012-05-15

Do not call global_init when setting thread callbacks (LP: #423252)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.