TEMP-0000000-96B2E9

NameTEMP-0000000-96B2E9
Descriptionhardening for RSA-CRT leak
SourceAutomatically generated temporary name. Not for external reference.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libgcrypt20 (PTS)jessie, jessie (lts)1.6.3-2+deb8u9vulnerable
stretch (security), stretch (lts), stretch1.7.6-2+deb9u4fixed
buster1.8.4-5+deb10u1fixed
bullseye1.8.7-6fixed
bookworm1.10.1-3fixed
sid, trixie1.11.0-6fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libgcrypt11source(unstable)(unfixed)
libgcrypt20source(unstable)1.6.4-3

Notes

[wheezy] - libgcrypt11 <no-dsa> (Minor issue; additional hardening)
[squeeze] - libgcrypt11 <no-dsa> (Minor issue; additional hardening)
[jessie] - libgcrypt20 <no-dsa> (Minor issue; additional hardening)
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=b85c8d6645039fc9d403791750510e439731d479
CVE Request: https://www.openwall.com/lists/oss-security/2015/09/08/5
Thread on oss-security to clarify if this should be CVE-2015-5738 or a new CVE

Search for package or bug name: Reporting problems