[SECURITY] [DSA 6294-1] libgcrypt20 security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 6294-1] libgcrypt20 security update
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 22 May 2026 21:50:33 +0000
Message-id: <[🔎] E1wQXlJ-000000088pQ-0Qlp@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6294-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 22, 2026                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libgcrypt20
CVE ID         : CVE-2026-41989

It was discovered that an incorrect implementation of ECDH encryption
(with NIST, Brainpool, X448, or X25519 curves) within Libgcrypt could
result in denial of service.

For the oldstable distribution (bookworm), this problem has been fixed
in version 1.10.1-3+deb12u1.

For the stable distribution (trixie), this problem has been fixed in
version 1.11.0-7+deb13u1.

We recommend that you upgrade your libgcrypt20 packages.

For the detailed security status of libgcrypt20 please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/libgcrypt20

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmoQz2hfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Q8oxAAlNHcLdrpfsFGMxHXPUr1/QsMp4sc6jnyf3K2NbRcjwjhHA1jvHNEmote
k9qmg8hG/ilacQkc48lG4mzF0cwE2UmOXN53vGo1Kps9fjnZ++Fwq0W+lGFLpvFz
bwh5x5kU63jKVKfWbXOTmj9hpw0utOPJbkpCki+SD9BWAYuRmqWfpsO+0vyOYNCd
Wm54QIc8aCAO7YvhDIzsVjO3G/5R09V0hR+Nflq5oyKwYJy50BwJ3p8OMH3WYCEQ
1uFsSis2qr+c2QWkBBe5YQk9KYXoj9g1h+wqovKpLTc8NpYXA4wxwbrSH87PmaV2
h2GIBvAOmen9/yRjvNc8WvQN4IyOA+eEBw+CYpPyv6hQKQeT2ys+UFvcX1FduPgk
6ZcTTDT0VaTOOdmGPq3IJ5Cq9OrLmVidNNoLWGpxmmFGHXWgz18laziQAjBKF9Vl
umUuK7cWTkg1Yzjk1k7QNfGgUM+gMvB9evIuoCH23LTOAhoc8H+8M7U7XzavPP+j
E53SM0hFzkWQOStTwmCnxyPbh7eNuziRc7lznAKjcGS8Ko6lDUK1o6lkcET/+MVE
xuFS/t3+YCpn4u8mwSF6GSmsk+7+PCfY0Bch6aewCtSWrcyB3+0/bTzQZ/Gl2i0B
Ac923ETtKckFf+A9Dv0GxSH32Emmi7B5i3YDlKRo84cNRo9+JZw=
=n+JN
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 6293-1] krb5 security update
Next by Date: [SECURITY] [DSA 6295-1] linux security update
Previous by thread: [SECURITY] [DSA 6293-1] krb5 security update
Next by thread: [SECURITY] [DSA 6295-1] linux security update
Index(es):
- Date
- Thread