Download
| Alert*
|
oval:org.secpod.oval:def:89045369
This update for libgcrypt fixes the following issues: - RNG prediction vulnerability oval:org.secpod.oval:def:2101511 The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits. oval:org.secpod.oval:def:204151 The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix: * A design flaw was found in the libgcrypt PRNG . An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. Red Hat would like to thank Fel ... oval:org.secpod.oval:def:204035 The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix: * A design flaw was found in the libgcrypt PRNG . An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. Red Hat would like to thank Fel ... oval:org.secpod.oval:def:111259 GnuPG is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with any version of ... oval:org.secpod.oval:def:111311 GnuPG is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with any version of ... oval:org.secpod.oval:def:111299 Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version. oval:org.secpod.oval:def:1800748 A design flaw was found in the libgcrypt PRNG . An attacker who can obtain the first 580 bytes of the PRNG output, can trivially predict the following 20 bytes. Fixed In Version: libgcrypt 1.7.3, libgcrypt 1.6.6, libgcrypt 1.5.6, gnupg 1.4.21 oval:org.secpod.oval:def:1501649 A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. oval:org.secpod.oval:def:1600447 A design flaw was found in the libgcrypt PRNG . An attacker who can obtain the first 580 bytes of the PRNG output can trivially predict the following 20 bytes. oval:org.secpod.oval:def:703238 gnupg: GNU privacy guard - a free PGP replacement GnuPG incorrectly generated random numbers. oval:org.secpod.oval:def:602593 Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG"s random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. A first analysis on the impact of this bug for ... oval:org.secpod.oval:def:51619 gnupg: GNU privacy guard - a free PGP replacement GnuPG incorrectly generated random numbers. oval:org.secpod.oval:def:602592 Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of Libgcrypt"s random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. A first analysis on the impact of this bug ... oval:org.secpod.oval:def:703240 libgcrypt20: LGPL Crypto library - libgcrypt11: LGPL Crypto library Libgcrypt incorrectly generated random numbers. oval:org.secpod.oval:def:51621 libgcrypt20: LGPL Crypto library - libgcrypt11: LGPL Crypto library Libgcrypt incorrectly generated random numbers. oval:org.secpod.oval:def:501931 The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix: * A design flaw was found in the libgcrypt PRNG . An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. Red Hat would like to thank Fel ... oval:org.secpod.oval:def:1501644 A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. |
