Ubuntu: Security Advisory (USN-3347-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : libgcrypt (openSUSE-2017-743)

This update for libgcrypt fixes the following issues : - CVE-2017-9526: Store the session key in secure memory to ensure that constant time point operations are used in the MPI library. bsc1042326 - Don't require secure memory for the fips selftests, this prevents the 'Oops, secure memory pool...

SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2017:1608-1)

This update for libgcrypt fixes the following issues : - CVE-2017-9526: Store the session key in secure memory to ensure that constant time point operations are used in the MPI library. bsc1042326 - Don't require secure memory for the fips selftests, this prevents the 'Oops, secure memory pool...

[SECURITY] [DSA 3880-1] libgcrypt20 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3880-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 14, 2017 https://www.debian.org/security/faq -...

CVE-2017-9526

CVE-2017-9526 affects Libgcrypt prior to 1.7.7, where an attacker who observes the EdDSA session key during signing can recover the long-term secret key. Version 1.7.7 changes libgcrypt/ ecc-eddsa.c to store the session key in secure memory and ensures constant-time point operations in the MPI li...