FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  366223
Date:      2014-08-26
Time:      16:36:41Z
Committer: rene

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
689c2bf7-0701-11e3-9a25-002590860428GnuPG and Libgcrypt -- side-channel attack vulnerability

Werner Koch of the GNU project reports:

Noteworthy changes in version 1.5.3:

Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys...

Note that Libgcrypt is used by GnuPG 2.x and thus this release fixes the above problem. The fix for GnuPG less than 2.0 can be found in the just released GnuPG 1.4.14.


Discovery 2013-07-18
Entry 2013-08-17
libgcrypt
lt 1.5.3

linux-f10-libgcrypt
lt 1.5.3

CVE-2013-4242
http://eprint.iacr.org/2013/448
http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000329.html
http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html