Description
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel
attacks, which makes it easier for attackers to discover a secret key,
related to cipher/ecc.c and mpi/ec.c.
Package
Upstream: | needs-triage
|
Ubuntu 14.04 ESM: | not-affected
(code not present)
|
Patches:
Package
Upstream: | released
(1.7.9-1)
|
Ubuntu 16.04 ESM: | not-affected
(code not present)
|
Ubuntu 14.04 ESM: | DNE
(trusty was not-affected [code not present])
|
Patches:
Updated: 2022-04-13 12:45:01 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)