Control: tag -1 confirmed Niels Thykier <niels@thykier.net> (2015-03-14): > On 2015-03-09 15:22, Andreas Metzler wrote: > > Package: release.debian.org > > Severity: normal > > User: release.debian.org@packages.debian.org > > Usertags: unblock > > > > Hello, > > > > Please unblock package libgcrypt20. This is bugfix only stable > > release, taking care of two side-channel vulnerabilities (CVE-2015-0837 > > and CVE-2014-3591): > > Noteworthy changes in version 1.6.3 (2015-02-27) [C20/A0/R3] > > ------------------------------------------------ > > > > * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]. > > See http://www.cs.tau.ac.il/~tromer/radioexp/ for details. > > > > * Fixed data-dependent timing variations in modular exponentiation > > [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks > > are Practical]. > > > > * Improved asm support for older toolchains. > > > > Find attached the filtered debdiff (| filterdiff -x '*/build-aux/*' -x > > '*/Makefile.in' -x '*/configure' -x '*/gcrypt.info*' -x > > '*/aclocal.m4') versus testing. > > > > thanks, cu Andreas > > > > unblock libgcrypt20/1.6.3-2 > > > > It is a bit noiser than I liked (especially without your filterdiff), Indeed (and thanks for the said filterdiff)… > but ack from RT, CC'ing KiBi for a d-i ack. No objections, thanks. Mraw, KiBi.
Attachment:
signature.asc
Description: Digital signature