Vulnerability
Carlos Jacobo Puga Medina
cjpm at gmx.es
Fri Jun 30 16:23:21 UTC 2017
Hi,
> Enviar: viernes 30 de junio de 2017 a las 18:04
> De: "Jos Chrispijn" <bsdports at cloudzeeland.nl>
> Para: "FreeBSD Ports ML" <freebsd-ports at freebsd.org>, cpm at FreeBSD.org
> Asunto: Vulnerability
>
> Dear port maintainer,
>
> Just to let you know that I ran into the following vulenerability report:
>
> libgcrypt-1.7.7 is vulnerable:
> libgcrypt -- side-channel attack on RSA secret keys
> CVE: CVE-2017-7526
> WWW:https://vuxml.FreeBSD.org/freebsd/ed3bf433-5d92-11e7-aa14-e8e0b747a45a.html
>
> Could you send out a port update? Thanks in advance!
>
I have submitted a patch to update libgcrypt to 1.7.8 (still pending for an exp-run)
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220382
You can grab the patch, apply and build the port.
> Keep up the good work,
> Jos Chrispijn
>
>
Kind regards,
--
Carlos Jacobo Puga Medina <cjpm at gmx.es>
More information about the freebsd-ports
mailing list