Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered
that the ECDH secret decryption keys in applications using the
libgcrypt11 library could be leaked via a side-channel attack.
See
https://www.cs.tau.ac.IL/~tromer/ecdh/ for details.
For the oldstable distribution (wheezy), this problem has been fixed
in version 1.5.0-5+deb7u4.
We recommend that you upgrade your libgcrypt11 packages.
CPE | Name | Operator | Version |
---|---|---|---|
libgcrypt11 | eq | 1.5.0-5 | |
libgcrypt11 | eq | 1.5.0-5+deb7u3 | |
libgcrypt11 | eq | 1.5.0-5+deb7u2 | |
libgcrypt11 | eq | 1.5.0-5+deb7u1 |