Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 526
Alerts This Week
Warning Icon 1 526

Scientific Linux SL5.x SLSA-2014:0016-1 Moderate: GnuPG Side-Channel Attack

Scientific Large Esm H446
Moderate: gnupg security update
Date: Thu, 9 Jan 2014 15:07:21 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Moderate: gnupg on SL5.x i386/x86_64
MIME-Version: 1.0

Synopsis: Moderate: gnupg security update
Advisory ID: SLSA-2014:0016-1
Issue Date: 2014-01-08
CVE Numbers: CVE-2013-4576
--

It was found that GnuPG was vulnerable to side-channel attacks via
acoustic cryptanalysis. An attacker in close range to a target system that
is decrypting ciphertexts could possibly use this flaw to recover the RSA
secret key from that system. (CVE-2013-4576)
--

SL5
 x86_64
 gnupg-1.4.5-18.el5_10.1.x86_64.rpm
 gnupg-debuginfo-1.4.5-18.el5_10.1.x86_64.rpm
 i386
 gnupg-1.4.5-18.el5_10.1.i386.rpm
 gnupg-debuginfo-1.4.5-18.el5_10.1.i386.rpm

- Scientific Linux Development Team