FEDORA-2015-2872

security update in Fedora 22 for gnupg

Status: stable 4 years ago

New upstream v1.4.19 - Use ciphertext blinding for Elgamal decryption [CVE-2014-3591] - Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837]

Comments 14

This update has been submitted for testing by bcl.

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/42409/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/42409/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 22 testing updates repository.

This update has been pushed to testing

no problems spotted

karma: +1

This update has reached the stable karma threshold and will be pushed to the stable updates repository

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/46967/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/46968/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/46968/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 22 stable updates repository.

This update has been pushed to stable

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Disabled
Autopush (time)
Disabled
Dates
submitted 4 years ago
in testing 4 years ago
in stable 4 years ago
modified 4 years ago

Related Bugs 3

00 #1198145 CVE-2014-3591 libgcrypt: use ciphertext blinding for Elgamal decryption (new side-channel attack)
00 #1198147 CVE-2015-0837 libgcrypt: last-level cache side-channel attack
00 #1198154 CVE-2015-0837 CVE-2014-3591 gnupg: various flaws [fedora-all]

Automated Test Results