TEMP-0000000-96B2E9

NameTEMP-0000000-96B2E9
Descriptionhardening for RSA-CRT leak
SourceAutomatically generated temporary name. Not for external reference.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libgcrypt11 (PTS)wheezy1.5.0-5+deb7u4vulnerable
wheezy (security)1.5.0-5+deb7u6vulnerable
libgcrypt20 (PTS)jessie (security), jessie1.6.3-2+deb8u4vulnerable
stretch (security), stretch1.7.6-2+deb9u2fixed
buster, sid1.8.1-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libgcrypt11source(unstable)(unfixed)
libgcrypt20source(unstable)1.6.4-3

Notes

[wheezy] - libgcrypt11 <no-dsa> (Minor issue; additional hardening)
[squeeze] - libgcrypt11 <no-dsa> (Minor issue; additional hardening)
[jessie] - libgcrypt20 <no-dsa> (Minor issue; additional hardening)
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=b85c8d6645039fc9d403791750510e439731d479
CVE Request: http://www.openwall.com/lists/oss-security/2015/09/08/5
Thread on oss-security to clarify if this should be CVE-2015-5738 or a new CVE

Search for package or bug name: Reporting problems