Release Libgcrypt 1.8.5
Closed, ResolvedPublic

Description

  • Bug fixes:
    • Add mitigation against an ECDSA timing attack. [T4626,CVE-2019-13627]
    • Improve ECDSA unblinding.
  • Other features:
    • Provide a pkg-config file for libgcrypt.

Related Objects

werner created this task.Aug 23 2019, 11:28 AM
werner closed this task as Resolved.Aug 29 2019, 3:24 PM
werner updated the task description. (Show Details)
werner added a project: CVE.
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000440.html.Aug 29 2019, 5:39 PM
werner added a comment.Oct 4 2019, 8:57 AM

See https://minerva.crocs.fi.muni.cz/ for a description of the timing attack.