Page MenuHome GnuPG
Create Task
Maniphest T4683

Release Libgcrypt 1.8.5
Closed, ResolvedPublic
Actions

Description

  • Bug fixes:
    • Add mitigation against an ECDSA timing attack. [T4626,CVE-2019-13627]
    • Improve ECDSA unblinding.
  • Other features:
    • Provide a pkg-config file for libgcrypt.

Details

External Link
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000440.html
Version
1.8.5

Related Objects
Search...

StatusAssignedTask
 ResolvedwernerT4684 Release GnuPG 2.2.18
 ResolvedNoneT4683 Release Libgcrypt 1.8.5

Event Timeline

werner created this task.Aug 23 2019, 11:28 AM
werner added a parent task: T4684: Release GnuPG 2.2.18.Aug 23 2019, 11:31 AM
werner mentioned this in T4685: Any plans to make new release?.Aug 26 2019, 8:49 AM
werner closed this task as Resolved.Aug 29 2019, 3:24 PM
werner updated the task description. (Show Details)
werner added a project: CVE.
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000440.html.Aug 29 2019, 5:39 PM
werner added a comment.Oct 4 2019, 8:57 AM

See https://minerva.crocs.fi.muni.cz/ for a description of the timing attack.