deepcrayon
/
buildroot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

libgcrypt: security bump to version 1.7.8 

>From the NEWS file:

- Mitigate a flush+reload side-channel attack on RSA secret keys
  dubbed "Sliding right into disaster".  For details see
  <https://eprint.iacr.org/2017/627>.  [CVE-2017-7526]

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017.08.x
Baruch Siach 2017-06-30 18:04:54 +03:00 committed by Thomas Petazzoni
parent 659ec7d64d
commit 10ce9c6f8d
2 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
package/libgcrypt/libgcrypt.hash
View File

@ -1,4 +1,5 @@
# From https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000406.html
sha1 ea4ae1a4dba51f15095319419d7b42a0bf160384 libgcrypt-1.7.7.tar.bz2
# Locally calculated
sha256 b9b85eba0793ea3e6e66b896eb031fa05e1a4517277cc9ab10816b359254cd9a libgcrypt-1.7.7.tar.bz2
# From https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000408.html
sha1 65a4a495aa858483e66868199eaa8238572ca6cd libgcrypt-1.7.8.tar.bz2
# Locally calculated after checking signature
# https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.7.8.tar.bz2.sig
sha256 948276ea47e6ba0244f36a17b51dcdd52cfd1e664b0a1ac3bc82134fb6cec199 libgcrypt-1.7.8.tar.bz2

2
package/libgcrypt/libgcrypt.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
LIBGCRYPT_VERSION = 1.7.7
LIBGCRYPT_VERSION = 1.7.8
LIBGCRYPT_SOURCE = libgcrypt-$(LIBGCRYPT_VERSION).tar.bz2
LIBGCRYPT_LICENSE = LGPL-2.1+
LIBGCRYPT_LICENSE_FILES = COPYING.LIB