This is to track fixes for this side channel attack.
Timeline:
- 2018-05-24 - security@gnupg org was notified and received a draft paper
- 2018-05-28 - @gniibe proposed a first patch for evaluation
- 2018-05-28 - a CVE id was assigned on the researches request
- 2018-05-31 - we received confirmation thar the patch mitigates the issue.
- 2018-06-13 - we released new Libgcrypt versions and a new windows installer.