Bug#981370: CVE - critical security bug - Exploitable overflow in Libgcrypt 1.9.0
Patrick Schleizer
adrelanos at riseup.net
Sat Jan 30 05:20:03 GMT 2021
Package: libgcrypt20
Severity: important
X-Debbugs-CC: whonix-devel at whonix.org
Dear maintainer,
Quote Werner Koch [1]:
> We have to announce the availability of Libgcrypt version 1.9.1.
This version fixes a *critical security bug* in the recently released
version 1.9.0. If you are already using 1.9.0 please update immediately
to 1.9.1.
> On 2021-01-28 Tavis Ormandy contacted us to report a severe bug in
1.9.0 which he found while testing GnuPG:
>> There is a heap buffer overflow in libgcrypt due to an incorrect
assumption in the block buffer management code. Just decrypting some
data can overflow a heap buffer with attacker controlled data, no
verification or signature is validated before the vulnerability occurs.
> A CVE-id has not yet been assigned.
> We track this bug at https://dev.gnupg.org/T5275
Cheers,
Patrick
[1] https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html
[2] https://dev.gnupg.org/T5275
More information about the Pkg-gnutls-maint
mailing list