Carlos Jacobo Puga Medina cjpm at
Fri Jun 30 16:23:21 UTC 2017


> Enviar: viernes 30 de junio de 2017 a las 18:04
> De: "Jos Chrispijn" <bsdports at>
> Para: "FreeBSD Ports ML" <freebsd-ports at>, cpm at
> Asunto: Vulnerability
> Dear port maintainer,
> Just to let you know that I ran into the following vulenerability report:
> libgcrypt-1.7.7 is vulnerable:
> libgcrypt -- side-channel attack on RSA secret keys
> CVE: CVE-2017-7526
> WWW:
> Could you send out a port update? Thanks in advance!

I have submitted a patch to update libgcrypt to 1.7.8 (still pending for an exp-run)

You can grab the patch, apply and build the port.

> Keep up the good work,
> Jos Chrispijn

Kind regards,
Carlos Jacobo Puga Medina <cjpm at>

More information about the freebsd-ports mailing list