projects / scm / bb / tizen-distro.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b341cec) | patch
gnupg: CVE-2013-4242
authorKai Kang <kai.kang@windriver.com>
Wed, 15 Oct 2014 07:16:31 +0000 (15:16 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sat, 18 Oct 2014 14:14:04 +0000 (16:14 +0200)
commit8e1cb758d6cc7b112f00a69a79c32fc9f72e7b70
tree65f145a4c89ae4f65c4b3f0d5ddd825d654d90catree | snapshot
parentb341cecfcfbca194ec41011b0611a6a1e749b974commit | diff
gnupg: CVE-2013-4242

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x
and possibly other products, allows local users to obtain private RSA
keys via a cache side-channel attack involving the L3 cache, aka
Flush+Reload.

Patch from commit e2202ff2b704623efc6277fb5256e4e15bac5676 in
git://git.gnupg.org/libgcrypt.git

(From OE-Core rev: d1e0f3e71ce9978ff0fc94d71e67b528dad84c5c)

Signed-off-by: Yong Zhang <yong.zhang@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4242.patch [new file with mode: 0644] blob
meta/recipes-support/gnupg/gnupg_1.4.7.bb diff | blob | history
Domain: SCM / BB;