Commit b3db3aba authored by Gustavo Zacarias's avatar Gustavo Zacarias Committed by Peter Korsgaard
Browse files

libgcrypt: security bump to version 1.6.3 



Fixes:
CVE-2014-3591 - Use ciphertext blinding for Elgamal decryption
CVE-2015-0837 - Fixed data-dependent timing variations in modular
exponentiation.

Signed-off-by: default avatarGustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: default avatarPeter Korsgaard <peter@korsgaard.com>
parent 67cebbdf

package/libgcrypt/libgcrypt.hash

+2 −2
Original line number Diff line number Diff line 
# From http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000355.html

sha1	cc31aca87e4a3769cb86884a3f5982b2cc8eb7ec	libgcrypt-1.6.2.tar.bz2
 
# From http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html

sha1	9456e7b64db9df8360a1407a38c8c958da80bbf1	libgcrypt-1.6.3.tar.bz2

package/libgcrypt/libgcrypt.mk

+1 −1
Original line number Diff line number Diff line
@@ -4,7 +4,7 @@ 
#

################################################################################



LIBGCRYPT_VERSION = 1.6.2

LIBGCRYPT_VERSION = 1.6.3

LIBGCRYPT_SOURCE = libgcrypt-$(LIBGCRYPT_VERSION).tar.bz2

LIBGCRYPT_LICENSE = LGPLv2.1+

LIBGCRYPT_LICENSE_FILES = COPYING.LIB