openSUSE-SU-2020:0022-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:0022-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2020:0022-1
- Related
- Published
- 2020-01-13T15:18:14Z
- Modified
- 2020-01-13T15:18:14Z
- Summary
- Security update for libgcrypt
- Details
-
This update for libgcrypt fixes the following issues:
Security issues fixed:
- CVE-2019-13627: Mitigation against an ECDSA timing attack (bsc#1148987).
Bug fixes:
- Added CMAC AES self test (bsc#1155339).
- Added CMAC TDES self test missing (bsc#1155338).
- Fix test dsa-rfc6979 in FIPS mode.
This update was imported from the SUSE:SLE-15-SP1:Update update project.
- References
Affected packages
openSUSE:Leap 15.1 / libgcrypt
Package
- Name
- libgcrypt
- Purl
- purl:rpm/suse/libgcrypt&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.8.2-lp151.9.7.1
Ecosystem specific
{
"binaries": [
{
"libgcrypt-cavs": "1.8.2-lp151.9.7.1",
"libgcrypt20": "1.8.2-lp151.9.7.1",
"libgcrypt20-32bit": "1.8.2-lp151.9.7.1",
"libgcrypt-devel": "1.8.2-lp151.9.7.1",
"libgcrypt20-hmac-32bit": "1.8.2-lp151.9.7.1",
"libgcrypt20-hmac": "1.8.2-lp151.9.7.1",
"libgcrypt-devel-32bit": "1.8.2-lp151.9.7.1"
}
]
}