ubuntu/+source/libgcrypt20:ubuntu/xenial-updates

Last commit made on 2020-01-14
Get this branch:
git clone -b ubuntu/xenial-updates https://git.launchpad.net/ubuntu/+source/libgcrypt20
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/xenial-updates
Repository:
lp:ubuntu/+source/libgcrypt20

Recent commits

3bc553a... by Marc Deslauriers on 2020-01-13

Import patches-unapplied version 1.6.5-2ubuntu0.6 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 5245bf601df92e5cda8b69ba2f4397d4017ec697

New changelog entries:
  * SECURITY UPDATE: ECDSA timing attack
    - debian/patches/CVE-2019-13627.patch: add mitigation against timing
      attack in cipher/ecc-ecdsa.c, mpi/ec.c.
    - CVE-2019-13627

5245bf6... by Marc Deslauriers on 2018-06-18

Import patches-unapplied version 1.6.5-2ubuntu0.5 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 0f7a5a101a7f0c08139c2994591d4b1702ed7900

New changelog entries:
  * SECURITY UPDATE: memory-cache side-channel attack on ECDSA signatures
    - debian/patches/CVE-2018-0495.patch: add blinding for ECDSA in
      cipher/ecc-ecdsa.c.
    - CVE-2018-0495

0f7a5a1... by Vineetha Kamath on 2018-02-16

Import patches-unapplied version 1.6.5-2ubuntu0.4 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: d3c2d743605d8e48c6458eeb569aaf9b3653f7b6

New changelog entries:
  * Disable the library reading /proc/sys/crypto/fips_enabled file
    and going into FIPS mode. This fixes a hang on boot when using a
    FIPS-enabled kernel with encrypted installations (LP: #1748310)
    - debian/patches/disable_fips_enabled_read.patch

d3c2d74... by Marc Deslauriers on 2017-07-03

Import patches-unapplied version 1.6.5-2ubuntu0.3 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 6b3b55f468d6bc464f1eba4f2c4618c2d3b72840

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-4.patch: add free to cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: add free to cipher/rsa.c.
    - CVE-2017-7526
  * SECURITY UPDATE: EdDSA key recovery via side-channel attack
    - debian/patches/CVE-2017-9526-1.patch: store EdDSA session key in
      secure memory in cipher/ecc-eddsa.c.
    - debian/patches/CVE-2017-9526-2.patch: fix SEGV and stat calculation
      src/secmem.c.
    - CVE-2017-9526

6b3b55f... by Marc Deslauriers on 2016-08-18

Import patches-unapplied version 1.6.5-2ubuntu0.2 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 2f7aa28e5828f08455f462e03b153ff3287c9362

New changelog entries:
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313-1.patch: improve the diagram showing the
      random mixing in random/random-csprng.c.
    - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
      csprng pool in random/random-csprng.c.
    - CVE-2016-6313
  * debian/rules: disable unaligned memory access on arm to fix FTBFS.

2f7aa28... by Andreas Metzler <email address hidden> on 2016-02-10

Import patches-unapplied version 1.6.5-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7cc2ac2027f48b18098748ce783d0d644a5cafdd

New changelog entries:
  * serial-tests was added in automake 1.12, add versioned b-d.
  * Upload to unstable.

7cc2ac2... by Andreas Metzler <email address hidden> on 2016-02-09

Import patches-unapplied version 1.6.5-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 2fb979a10bd1d841fa386fbfabeee1b67cea4b1a

New changelog entries:
  * New upstream bugfix release.
    + Mitigate side-channel attack on ECDH with Weierstrass curves
     [CVE-2015-7511]. See http://www.cs.tau.ac.IL/~tromer/ecdh/ for
     details.

2fb979a... by Andreas Metzler <email address hidden> on 2016-01-24

Import patches-unapplied version 1.6.4-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4a18e173c53dfb8e00e263cdb9343b7d5929e0e4

New changelog entries:
  * Move Vcs-* from git/http to https.
  * Add 30_support_source_date_epoch.diff: Support setting BUILD_TIMESTAMP
    using SOURCE_DATE_EPOCH through the SOURCE_DATE_EPOCH environment
    variable. (Thanks, Jérémy Bobbio!). Use/b-d on dh-autoreconf instead of
    autotools-dev. Closes: #812428

4a18e17... by Andreas Metzler <email address hidden> on 2015-12-25

Import patches-unapplied version 1.6.4-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8c8cc02e16e3b894de14f3808c53a0741d75bf55

New changelog entries:
  * Delete build-aux/texinfo.tex and let texinfo use the system copy instead
    to prevent breakage in pdf generation in UTF-8 locale. Closes: #803081
  * Migrate from libgcrypt20-dbg to ddebs. dh_strip's --ddeb-migration
    option was added to debhelper/unstable with version 9.20150628, bump
    build-dependency accordingly.

8c8cc02... by Andreas Metzler <email address hidden> on 2015-10-18

Import patches-unapplied version 1.6.4-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 41eef2348392d1abe9b250588e4ed506693d1011

New changelog entries:
  * Upload to unstable.
  * Ship pdf instead of postscript docs.