Information on source package libgcrypt20

Available versions


Open issues

CVE-2019-13627vulnerable (no DSA)vulnerable (no DSA)fixedfixedIt was discovered that there was a ECDSA timing attack in the libgcryp ...

Open unimportant issues

CVE-2018-6829vulnerablevulnerablevulnerablevulnerablecipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt mess ...

Resolved issues

TEMP-0000000-96B2E9hardening for RSA-CRT leak
CVE-2018-0495Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache s ...
CVE-2017-9526In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session ke ...
CVE-2017-7526libgcrypt before version 1.7.8 is vulnerable to a cache side-channel a ...
CVE-2017-0379Libgcrypt before 1.8.1 does not properly consider Curve25519 side-chan ...
CVE-2016-6313The mixing functions in the random number generator in Libgcrypt befor ...
CVE-2015-7511Libgcrypt before 1.6.5 does not properly perform elliptic-point curve ...
CVE-2015-0837The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.1 ...
CVE-2014-5270Libgcrypt before 1.5.4, as used in GnuPG and other products, does not ...
CVE-2014-3591Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciph ...

Security announcements

DSA / DLADescription
DLA-1931-2libgcrypt20 - regression update
DLA-1931-1libgcrypt20 - security update
DLA-1405-1libgcrypt20 - security update
DSA-4231-1libgcrypt20 - security update
DSA-3959-1libgcrypt20 - security update
DSA-3901-1libgcrypt20 - security update
DSA-3880-1libgcrypt20 - security update
DSA-3650-1libgcrypt20 - security update
DSA-3474-1libgcrypt20 - security update

Search for package or bug name: Reporting problems