-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-31fdc84207 2021-07-01 01:12:48.702442 --------------------------------------------------------------------------------
Name : libgcrypt Product : Fedora 34 Version : 1.9.3 Release : 3.fc34 URL : https://www.gnupg.org/ Summary : A general-purpose cryptography library Description : Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version.
-------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2021-33560 (#1970098) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 15 2021 Jakub Jelen jjelen@redhat.com - 1.9.3-3 - Fix for CVE-2021-33560 (#1970098) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1970096 - CVE-2021-33560 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm https://bugzilla.redhat.com/show_bug.cgi?id=1970096 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-31fdc84207' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------