Sunday 21st August 2016
Local Packages
Updated libgcrypt to 1.6.6:
Fix critical security bug in the RNG (CVE-2016-6313); an attacker who obtains 580 bytes from the standard RNG can trivially predict the next 20 bytes of output
Updated libgcrypt (1.5) to 1.5.6:
Improved performance of RSA, DSA, and Elgamal by using a new exponentiation algorithm (CVE-2014-5270)
Fixed a subtle bug in mpi_set_bit that could set spurious bits
- Fixed a bug in an internal division function
Mitigate chosen cipher text attacks on ECDH with Weierstrass curves (CVE-2015-7511)
Use ciphertext blinding for Elgamal decryption (CVE-2014-3591)
Fix critical security bug in the RNG (CVE-2016-6313); an attacker who obtains 580 bytes from the standard RNG can trivially predict the next 20 bytes of output
Updated perl-Email-Address (1.908), perl-Env-Sanctify (1.12) and perl-Error (0.17024) to build-require perl-generators for proper dependency generation
Updated perl-Module-CoreList to 5.20160820:
- Updated for v5.25.4