MDVSA-2013:205 -- Mandriva gnupgID: oval:org.secpod.oval:def:1300221 | Date: (C)2013-10-08 (M)2023-12-07 |
Class: PATCH | Family: unix |
A vulnerability has been discovered and corrected in gnupg and in libgcrypt: Yarom and Falkner discovered that RSA secret keys in applications using GnuPG 1.x, and using the libgcrypt library, could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system . The updated packages have been patched to correct this issue.
Platform: |
Mandriva Enterprise Server 5.2 |