Accepting request 507220 from security:privacy

libgcrypt 1.7.8 CVE-2017-7526 bsc#1046607

OBS-URL: https://build.opensuse.org/request/show/507220
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=95

libgcrypt-1.7.7.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b9b85eba0793ea3e6e66b896eb031fa05e1a4517277cc9ab10816b359254cd9a
-size 2861190

libgcrypt-1.7.8.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:948276ea47e6ba0244f36a17b51dcdd52cfd1e664b0a1ac3bc82134fb6cec199
+size 2897853

libgcrypt.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Jun 29 09:49:44 UTC 2017 - astieger@suse.com
+
+- libgcrypt 1.7.8:
+  * CVE-2017-7526: Mitigate a flush+reload side-channel attack on
+    RSA secret keys (bsc#1046607)
+
 -------------------------------------------------------------------
 Sun Jun  4 19:26:12 UTC 2017 - astieger@suse.com
 

libgcrypt.spec

@@ -21,7 +21,7 @@
 %define libsoname %{name}20
 %define cavs_dir %{_libexecdir}/%{name}/cavs
 Name:           libgcrypt
-Version:        1.7.7
+Version:        1.7.8
 Release:        0
 Summary:        The GNU Crypto Library
 License:        GPL-2.0+ and LGPL-2.1+ and GPL-3.0+