Bug#989421: unblock: libgcrypt20/1.8.7-6
Andreas Metzler
ametzler at bebt.de
Thu Jun 3 12:23:02 BST 2021
Package: release.debian.org
Severity: normal
User: release.debian.org at packages.debian.org
Usertags: unblock
X-Debbugs-Cc: libgcrypt20 at packages.debian.org
Please unblock package libgcrypt20.
Compared to 1.8.7-3 this pulls a 4 commits from 1.8.8, including
30_10-cipher-Fix-ElGamal-encryption-for-other-implementati.patch
(CVE-2021-33560) which fixes weak ElGamal encryption with keys *not*
generated by libgcrypt/gnupg. It does not warrant a DSA (already
doublechecked with debian-security) but should still be fixed. I will
also prepare an upload for buster.
unblock libgcrypt20/1.8.7-6
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: from-3_to-6.diff
Type: text/x-diff
Size: 11681 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnutls-maint/attachments/20210603/882ab50b/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnutls-maint/attachments/20210603/882ab50b/attachment.sig>
More information about the Pkg-gnutls-maint
mailing list