1009 matches found
Medium: libgcrypt, gnupg
Issue Overview: A design flaw was found in the libgcrypt PRNG Pseudo-Random Number Generator. An attacker who can obtain the first 580 bytes of the PRNG output can trivially predict the following 20 bytes. Affected Packages: libgcrypt, gnupg Issue Correction: Run yum update libgcrypt or yum updat...
Fedora 23 : libgcrypt (2016-2b4ecfa79f)
Important update from upstream which fixes predictability problem in the RNG CVE-2016-6313. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possib...
Fedora Update for libgcrypt FEDORA-2016-2b4ecfa79f
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 23 Update: libgcrypt-1.6.6-1.fc23
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...
openSUSE Security Update : libgcrypt (openSUSE-2016-1042)
This update for libgcrypt fixes the following issues : - RNG prediction vulnerability boo994157, CVE-2016-6313 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-1042. The text...
Updated gnupg/libgcrypt packages fix security vulnerability
Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output CVE-2016-6313. The gnupg package has been...
[SECURITY] Fedora 25 Update: libgcrypt-1.6.6-1.fc25
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...
USN-3065-1 Libgcrypt vulnerability | Cloud Foundry
USN-3065-1 Libgcrypt vulnerability High Vendor Canonical Ubuntu, libgcrypt Versions Affected Canonical Ubuntu 14.04 LTS Description Felix Dörre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits...
Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : libgcrypt (SSA:2016-236-02)
New libgcrypt packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2016-236-02. Th...
[slackware-security] libgcrypt
New libgcrypt packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libgcrypt-1.7.3-i586-1slack14.2.txz: Upgraded. Fix critical security bug in the RNG CVE-2016-6313...
GNU Libgcrypt and GnuPG Predictable Random Number Generation Vulnerability
GNU Libgcrypt and GnuPG GNU Privacy Guard are both general-purpose cryptographic libraries developed by the GNU Project based on the GnuPG code. A predictable random number generation vulnerability exists in the mixing function in GNU Libgcrypt prior to 1.6.3-2+deb8u2 and GnuPG prior to...
Fedora 24 : libgcrypt (2016-81aab0aff9)
Important update from upstream which fixes predictability problem in the RNG. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
libgcrypt: information disclosure
Felix Drre and Vladimir Klebanov from the Karlsruhe Institute of Technology found a bug in the mixing functions of Libgcrypt's random number generator: An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. This bug exists since 1998 in all GnuPG and...
Fedora Update for libgcrypt FEDORA-2016-81aab0aff9
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 24 Update: libgcrypt-1.6.6-1.fc24
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...
Ubuntu 14.04 LTS / 16.04 LTS : Libgcrypt vulnerability (USN-3065-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3065-1 advisory. Felix Drre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to...
CVE-2016-6313
A design flaw was found in the libgcrypt PRNG Pseudo-Random Number Generator. An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes...
USN-3065-1 libgcrypt11, libgcrypt20 vulnerability
Felix Dörre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output...
USN-3065-1: Libgcrypt vulnerability
Felix Dörre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output...
GPG Patches 18-Year-Old Libgcrypt RNG Bug
New versions of Libgcrypt and Gnu Privacy Guard GnuPG or GPG released on Wednesday include security fixes for vulnerabilities discovered in the mixing functions of the Libgcrypt random number generator. The flaws were privately disclosed by Felix Dörre and Vladimir Klebanov of Karlsruhe Institute...