Explore top 10 tips to secure your open-source projects now. Read More
×
Libgcrypt could be made to expose sensitive information.
Software Description:
- libgcrypt20: LGPL Crypto library
Details:
USN-5080-1 fixed several vulnerabilities in Libgcrypt. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An
attacker could possibly use this issue to recover sensitive information.
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: libgcrypt20 1.6.5-2ubuntu0.6+esm1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-5080-2
https://ubuntu.com/security/notices/USN-5080-1
CVE-2021-33560, CVE-2021-40528
Get the latest Linux and open source security news straight to your inbox.