#acl PaulHowarth:read,write,admin,revert,delete All:read

=== Sunday 21st August 2016 ===

==== Local Packages ====

 * Updated `libgcrypt` to 1.6.6:
  * Fix critical security bug in the RNG ([[CVE:2016-6313|CVE-2016-6313]]); an attacker who obtains 580 bytes from the standard RNG can trivially predict the next 20 bytes of output
 * Updated `libgcrypt` (1.5) to 1.5.6:
  * Improved performance of RSA, DSA, and Elgamal by using a new exponentiation algorithm ([[CVE:2014-5270|CVE-2014-5270]])
  * Fixed a subtle bug in `mpi_set_bit` that could set spurious bits
  * Fixed a bug in an internal division function
  * Mitigate chosen cipher text attacks on ECDH with Weierstrass curves ([[CVE:2015-7511|CVE-2015-7511]])
  * Use ciphertext blinding for Elgamal decryption ([[CVE:2014-3591|CVE-2014-3591]])
  * Fix critical security bug in the RNG ([[CVE:2016-6313|CVE-2016-6313]]); an attacker who obtains 580 bytes from the standard RNG can trivially predict the next 20 bytes of output
 * Updated `perl-Email-Address` (1.908), `perl-Env-Sanctify` (1.12) and `perl-Error` (0.17024) to build-require `perl-generators` for proper dependency generation
 * Updated `perl-Module-CoreList` to 5.20160820:
  * Updated for v5.25.4

----