Information disclosure

cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional...

CVE-2018-6829

CVE-2018-6829 affects Libgcrypt’s ElGamal (cipher/elgamal.c) up to version 1.8.2. When used to encrypt messages directly, it can improperly encode plaintexts, allowing a ciphertext-only attacker to recover sensitive information. The issue is tied to Libgcrypt’s DDH assumption not holding for its ...

CVE-2018-6829

cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional...

CVE-2018-6829

cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional...

Gnupg Libgcrypt CVE-2018-6829 Information Disclosure Vulnerability

Description Gnupg Libgcrypt is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Gnupg Libgcrypt 1.8.2 and prior are vulnerable. Technologies Affected Gnupg Libgcrypt 1.4.0 Gnupg Libgcrypt 1.4.3 Gnup...

Fedora 27 : libgcrypt (2017-a9c79eed83)

Minor security update Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenabl...

The vulnerability of the libgcrypt11 library, related to the lack of protection for service data, allows attackers to compromise data confidentiality.

The vulnerability of the libgcrypt11 library is related to the lack of protection for service data. Exploiting this vulnerability allows a local attacker to compromise the confidentiality of data by fully recovering the RSA key, using a sliding window technique from left to right...

Fedora Update for libgcrypt FEDORA-2017-8cd171f540

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

BSA-2017-458

Security Advisory ID : BSA-2017-458 Component : Libgcrypt Revision : 2.0: Final libgcrypt: use ciphertext blinding for Elgamal decryption new side-channel attack...

BSA-2017-457

Security Advisory ID : BSA-2017-457 Component : GnuPG & Libgcrypt Revision : 2.0: Final GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka...

Fedora 25 : libgcrypt (2017-8cd171f540)

Minor security update release 1.7.9. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

[SECURITY] Fedora 25 Update: libgcrypt-1.7.9-1.fc25

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

Fedora 26 : libgcrypt (2017-bcdeca9d41)

Minor security update release 1.7.9. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

Fedora Update for libgcrypt FEDORA-2017-bcdeca9d41

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 26 Update: libgcrypt-1.7.9-1.fc26

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

Critical Photon OS Security Update - PHSA-2017-0080

Updates of 'libgcrypt', 'strongswan', 'libtar', 'unzip', 'glibc', 'openjdk' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2017-0078

Updates of 'dosfstools', 'git', 'libgcrypt', 'mercurial', 'linux', 'mysql', 'ncurses', 'gnutls', 'dnsmasq', 'apache- tomcat', 'binutils', 'c-ares', 'linux-esx', 'nginx', 'mesos', 'libtasn1' packages of Photon OS have been released...

[SECURITY] Fedora 27 Update: libgcrypt-1.8.1-1.fc27

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

Slackware 14.2 / current : libgcrypt (SSA:2017-261-02)

New libgcrypt packages are available for Slackware 14.2 and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-261-02. The text itself is copyright C...

[slackware-security] libgcrypt

New libgcrypt packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libgcrypt-1.7.9-i586-1slack14.2.txz: Upgraded. Mitigate a local side-channel attack on Curve25519 dubbed "May the Fourth be With...