Accepting request 184483 from devel:libraries:c_c++

add CVE (forwarded request 184457 from AndreasStieger) OBS-URL: https://build.opensuse.org/request/show/184483 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libgcrypt?expand=0&rev=36
2013-07-29 15:42:10 +00:00 · 2013-07-29 15:42:10 +00:00 · 811c511e16
commit 811c511e16
parent e73673942c 0357e20aaf
6 changed files with 12 additions and 5 deletions
--- a/libgcrypt-1.5.2.tar.bz2
+++ b/libgcrypt-1.5.2.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e41a4339f50294f3c925f2f71aaf2427eb162d2994da91666dfc32621afe963f
-size 1507418
--- a/libgcrypt-1.5.2.tar.bz2.sig
+++ b/libgcrypt-1.5.2.tar.bz2.sig
--- a/libgcrypt-1.5.3.tar.bz2
+++ b/libgcrypt-1.5.3.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:bcf5334e7da352c45de6aec5d2084ce9a1d30029ff4a4a5da13f1848874759d1
+size 1508530
--- a/libgcrypt-1.5.3.tar.bz2.sig
+++ b/libgcrypt-1.5.3.tar.bz2.sig
--- a/libgcrypt.changes
+++ b/libgcrypt.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Fri Jul 26 22:05:46 UTC 2013 - andreas.stieger@gmx.de
+
+- update to 1.5.3 [bnc#831359] CVE-2013-4242
+ * Mitigate the Yarom/Falkner flush+reload side-channel attack on
+   RSA secret keys.  See <http://eprint.iacr.org/2013/448>.
+
 -------------------------------------------------------------------
 Thu Jul 25 09:15:43 UTC 2013 - mvyskocil@suse.com

--- a/libgcrypt.spec
+++ b/libgcrypt.spec
@ -20,11 +20,11 @@
 %define separate_hmac256_binary 0

 %define libsoname %{name}11
-%define sosuffix  11.8.1
+%define sosuffix  11.8.2

 Name:           libgcrypt
 Url:            http://directory.fsf.org/wiki/Libgcrypt
-Version:        1.5.2
+Version:        1.5.3
 Release:        0
 Summary:        The GNU Crypto Library
 License:        GPL-2.0+ and LGPL-2.1+ and GPL-3.0+