Monday 9th March 2015
Local Packages
Updated libgcrypt to 1.6.3:
Use ciphertext blinding for Elgamal decryption (CVE-2014-3591)
See http://www.cs.tau.ac.il/~tromer/radioexp/ for details
Fixed data-dependent timing variations in modular exponentiation (related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks are Practical)
- Improved asm support for older toolchains
Updated libspf2 to 1.2.10:
- Fixes IPv6-related issues
Updated libxslt (1.1.28) to de-activate the hardened build as it seems buggy (Bug #1199522)
Updated perl-Pod-Spell to 1.17:
Revert changes in 1.16 they are not compatible with windows (GH #18)