]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b145374) | patch
gnupg: CVE-2013-4242
authorKai Kang <kai.kang@windriver.com>
Wed, 15 Oct 2014 07:16:31 +0000 (15:16 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sat, 18 Oct 2014 14:12:56 +0000 (16:12 +0200)
commitd1e0f3e71ce9978ff0fc94d71e67b528dad84c5c
tree00a18f11b0cd62b1b0671356422ac6e0c7b56ed3tree | snapshot
parentb145374c0a498de0160a9b81f50ce0066ab14862commit | diff
gnupg: CVE-2013-4242

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x
and possibly other products, allows local users to obtain private RSA
keys via a cache side-channel attack involving the L3 cache, aka
Flush+Reload.

Patch from commit e2202ff2b704623efc6277fb5256e4e15bac5676 in
git://git.gnupg.org/libgcrypt.git

Signed-off-by: Yong Zhang <yong.zhang@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4242.patch [new file with mode: 0644] blob
meta/recipes-support/gnupg/gnupg_1.4.7.bb diff | blob | history
Mirror of the official openembedded-core repository