ubuntu/+source/libgcrypt20:ubuntu/yakkety-security

Last commit made on 2017-07-03
Get this branch:
git clone -b ubuntu/yakkety-security https://git.launchpad.net/ubuntu/+source/libgcrypt20
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/yakkety-security
Repository:
lp:ubuntu/+source/libgcrypt20

Recent commits

b9526df... by Marc Deslauriers on 2017-07-03

Import patches-unapplied version 1.7.2-2ubuntu1.1 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 8881b64674922419575560aad0ca524f6dce454c

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-4.patch: add free to cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: add free to cipher/rsa.c.
    - CVE-2017-7526
  * SECURITY UPDATE: EdDSA key recovery via side-channel attack
    - debian/patches/CVE-2017-9526-1.patch: store EdDSA session key in
      secure memory in cipher/ecc-eddsa.c.
    - debian/patches/CVE-2017-9526-2.patch: fix SEGV and stat calculation
      src/secmem.c.
    - CVE-2017-9526

8881b64... by Marc Deslauriers on 2016-08-17

Import patches-unapplied version 1.7.2-2ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: efd83578712d009dd6bc916f32e9599219440773

New changelog entries:
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313-1.patch: improve the diagram showing the
      random mixing in random/random-csprng.c.
    - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
      csprng pool in random/random-csprng.c.
    - CVE-2016-6313

efd8357... by Andreas Metzler <email address hidden> on 2016-07-17

Import patches-unapplied version 1.7.2-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c8818c92855bb49356b38e23ad36203fce76165d

New changelog entries:
  * Upload to unstable.

c8818c9... by Andreas Metzler <email address hidden> on 2016-07-15

Import patches-unapplied version 1.7.2-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 4bfa384e616dea280650f46bd75c2ed66957c375

New changelog entries:
  * New upstream bugfix release.

4bfa384... by Andreas Metzler <email address hidden> on 2016-06-18

Import patches-unapplied version 1.7.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 194411a273367b85ba5e0b618443a3ecc882eadd

New changelog entries:
  * Upload to unstable.

194411a... by Andreas Metzler <email address hidden> on 2016-06-16

Import patches-unapplied version 1.7.1-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: fc28832bb37fb11f197b55e764a45befb07313cd

New changelog entries:
  * Fix package descriptions. The algorithm-list was incomplete for some
    packages. Closes: #821368 (Thanks, Katsuhiko Nishimra)
  * New upstream bugfix release, update copyright info.

fc28832... by Andreas Metzler <email address hidden> on 2016-04-17

Import patches-unapplied version 1.7.0-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 15ee425d6126e8008e93041a3aaed97ccd3a2ea2

New changelog entries:
  * Upload to unstable.

15ee425... by Andreas Metzler <email address hidden> on 2016-04-15

Import patches-unapplied version 1.7.0-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 226a2ce16ecc96bffbab12d38cdcf91089d62b7c

New changelog entries:
  * New upstream release.
  * Update debian/copyright from AUTHORS.
  * Update algorithm list in package description.

226a2ce... by Andreas Metzler <email address hidden> on 2016-04-13

Import patches-unapplied version 1.6.5+git20160413+8472b-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: bfbbf0aa0327366cdba41cc011d69f51275d7be4

New changelog entries:
  * New upstream snapshot.
  * Use hardening=+bindnow instead of hardening=+all, we are mainly shipping
    libraries, including static ones.

bfbbf0a... by Andreas Metzler <email address hidden> on 2016-04-07

Import patches-unapplied version 1.6.5+git20160407+5e5d3-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: dcb8dfec4b130787f108b7495110734be07b66e8

New changelog entries:
  * New upstream snapshot.