[Announce] Libgcrypt 1.7.8 released to fix CVE-2017-7526

Werner Koch wk at gnupg.org
Thu Jul 13 09:35:18 CEST 2017


On Wed,  5 Jul 2017 21:39, gnupg-users at gnupg.org said:

>>   libgcrypt v<=?
>
> Probably all versions up to 1.7.7, starting from at least 1.2.0 (which
> is the oldest I could find).

Actaully starting at 1.6.0 which introduced the sliding window method to
catch up performance losses due to other side channel attack
mitigations.  Earlier versions than 1.6 may be affected by other side
channel attacks.


Salam-Shalom,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: </pipermail/attachments/20170713/21f4028e/attachment.sig>


More information about the Gnupg-users mailing list