This project is archived. Its data is read-only.

Commit f05056b0 authored Feb 10, 2016 by Gustavo Zacarias Committed by Peter Korsgaard Feb 11, 2016

libgcrypt: security bump to version 1.6.5



Fixes:
CVE-2015-7511 - Mitigate side-channel attack on ECDH with Weierstrass
curves.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

parent 9f81bad7

package/libgcrypt/libgcrypt.hash

+4 −2

Original line number	Diff line number	Diff line
		# From https://lists.gnu.org/archive/html/info-gnu/2015-09/msg00000.html
		sha1 ed52add1ce635deeb2f5c6650e52667debd4ec70 libgcrypt-1.6.4.tar.bz2
		# From https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html
		sha1 c3a5a13e717f7b3e3895650afc1b6e0d3fe9c726 libgcrypt-1.6.5.tar.bz2
		# Calculated based on the hash above
		sha256 f49ebc5842d455ae7019def33eb5a014a0f07a2a8353dc3aa50a76fd1dafa924 libgcrypt-1.6.5.tar.bz2

package/libgcrypt/libgcrypt.mk

+1 −1

Original line number	Diff line number	Diff line
		@@ -4,7 +4,7 @@
		#
		################################################################################

		LIBGCRYPT_VERSION = 1.6.4
		LIBGCRYPT_VERSION = 1.6.5
		LIBGCRYPT_SOURCE = libgcrypt-$(LIBGCRYPT_VERSION).tar.bz2
		LIBGCRYPT_LICENSE = LGPLv2.1+
		LIBGCRYPT_LICENSE_FILES = COPYING.LIB