Advisory: CLSA-2023:1698945053
OS: CentOS 7 ELS
Public date: 2023-11-02 13:10:55
Project: libgcrypt
Version: 1.5.3-14.el7.tuxcare.els1
Errata link: https://errata.tuxcare.com/centos7-els/CLSA-2023-1698945053.html
- CVE-2013-4576: Normalize the MPIs to prevent possible side-channel attacks - CVE-2014-3591: Use ciphertext blinding for Elgamal to prevent possible side-channel attacks - CVE-2021-33560: Use of smaller K for ephemeral key in ElGamal prevent generation of weak keys - CVE-2021-40528: Add exponent blinding as well to mitigate side-channel attack on mpi_powm - tests: Add a benchmark for Elgamal
Update command: yum update libgcrypt*
libgcrypt-1.5.3-14.el7.tuxcare.els1.i686.rpm libgcrypt-1.5.3-14.el7.tuxcare.els1.x86_64.rpm libgcrypt-devel-1.5.3-14.el7.tuxcare.els1.i686.rpm libgcrypt-devel-1.5.3-14.el7.tuxcare.els1.x86_64.rpm