SUSE SLED15 / SLES15 Security Update : libgcrypt (SUSE-SU-2018:1993-1)

This update for libgcrypt fixes the following issue: The following security issue was fixed : - CVE-2018-0495: Fixed a novel side-channel attack, by enabling blinding for ECDSA signatures bsc1097410 Note that Tenable Network Security has extracted the preceding description block directly from the...

Security Bulletin: Vulnerabilities in OpenSSL affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in OpenSSL. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server duri...

Medium: openssl

Issue Overview: Libgcrypt allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA...

SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2018:2452-2)

This update for libgcrypt fixes the following issues : The following security vulnerability was addressed : CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures bsc1097410. The following other issues were fixed: Extended the fipsdrv dsa-sign and dsa-verify...

SUSE-SU-2018:2452-2 Security update for libgcrypt

This update for libgcrypt fixes the following issues: The following security vulnerability was addressed: - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures bsc1097410. The following other issues were fixed: - Extended the fipsdrv dsa-sign and dsa-veri...

Security Bulletin: A Security Vulnerability could affect IBM® Cloud Private (CVE-2017-7526)

Summary Users of IBM Cloud Private could be affected by a vulnerability in MongoDB Vulnerability Details CVEID: CVE-2017-7526 DESCRIPTION: Libgcrypt could allow a remote attacker to obtain sensitive information, caused by a cache side-channel attack when using left-to-right sliding window method ...

ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. T...

openSUSE: Security Advisory for libgcrypt (openSUSE-SU-2018:2122-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Photon OS 2.0: Libgcrypt / Libsoup PHSA-2018-2.0-0091 (deprecated)

An update of 'libgcrypt', 'libsoup' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0091. The text itself is copyright C...

Photon OS 1.0: Libgcrypt / Libsoup PHSA-2018-1.0-0182 (deprecated)

An update of 'libsoup', 'libgcrypt' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0182. The text itself is copyright C...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0091

An update of 'libgcrypt', 'libsoup' packages of Photon OS has been released...

Critical Photon OS Security Update - PHSA-2018-0091

Updates of 'libgcrypt', 'libsoup' packages of Photon OS have been released...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0182

An update of 'libsoup', 'libgcrypt' packages of Photon OS has been released...

Critical Photon OS Security Update - PHSA-2018-0182

Updates of 'libgcrypt', 'libsoup' packages of Photon OS have been released...

Photon OS 1.0: Bash / Glibc / Libgcrypt / Libtar / Openjdk / Openjre / Strongswan / Unzip PHSA-2017-0040 (deprecated)

An update of openjdk,openjre,bash,libtar,glibc,libgcrypt,strongswan,unzip packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0040...

Photon OS 1.0: Cracklib / Glibc / Httpd / Libevent / Libgcrypt PHSA-2017-0013 (deprecated)

An update of cracklib,libevent,libgcrypt,httpd,glibc packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0013. The text itself is...

Side-Channel Attack

libgcrypt.so is vulnerable to side-channel attacks. The elliptic-point curve multiplication during decryption is not properly performed, which allows attackers within close proximity to extract the secret decryption key within seconds by measuring electromagnetic emanations...

openSUSE Security Update : libgcrypt (openSUSE-2018-795)

This update for libgcrypt fixes the following issues : The following security vulnerability was addressed : - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures bsc1097410. The following other issues were fixed : - Extended the fipsdrv dsa-sign and...

openSUSE: Security Advisory for libgcrypt (openSUSE-SU-2018:2178-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for libgcrypt (moderate)

This update for libgcrypt fixes the following issues: The following security vulnerability was addressed: - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures bsc1097410. The following other issues were fixed: - Extended the fipsdrv dsa-sign and dsa-veri...