]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 461e598) | patch
gnupg: CVE-2013-4242
authorKai Kang <kai.kang@windriver.com>
Wed, 15 Oct 2014 07:16:31 +0000 (15:16 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 23 Oct 2014 20:42:03 +0000 (21:42 +0100)
commit0692743b51f7daa0154fd4d8982236b4702ea2da
treefe51e588f34c521e5cd1e216785a658dc3d426d0tree | snapshot
parent461e598815f8749bb26e97369e3b877f7ce749cfcommit | diff
gnupg: CVE-2013-4242

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x
and possibly other products, allows local users to obtain private RSA
keys via a cache side-channel attack involving the L3 cache, aka
Flush+Reload.

Patch from commit e2202ff2b704623efc6277fb5256e4e15bac5676 in
git://git.gnupg.org/libgcrypt.git

Signed-off-by: Yong Zhang <yong.zhang@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4242.patch [new file with mode: 0644] blob
meta/recipes-support/gnupg/gnupg_1.4.7.bb diff | blob | history
Mirror of the official openembedded-core repository