[bug#46183] [PATCH 0/1] Update gcrypt [URGENT SECURITY ISSUE]

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#46183] [PATCH 0/1] Update gcrypt [URGENT SECURITY ISSUE]

From:	lordyuuma
Subject:	[bug#46183] [PATCH 0/1] Update gcrypt [URGENT SECURITY ISSUE]
Date:	Sat, 30 Jan 2021 08:56:08 +0100
User-agent:	Evolution 3.34.2

Hi Ryan,

Am Samstag, den 30.01.2021, 04:20 +0000 schrieb Ryan Prior:
> Hi Guix! Please review ASAP. This update fixes an exploitable heap
> overflow.
> 
> https://dev.gnupg.org/T5275
> 
> https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000455.html

I have some good news and some bad news.  The good news is, that
according to your sources this affects only version 1.9.0, so master is
currently safe.  The bad news is, that libgcrypt has more than 10000
dependants, so an update for it should go to core-updates.

Regards,
Leo

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#46183] [PATCH 0/1] Update gcrypt [URGENT SECURITY ISSUE], Ryan Prior, 2021/01/29
- [bug#46183] [PATCH 1/1] gnu: libgcrypt: Update to 1.9.1., Ryan Prior, 2021/01/29
  - [bug#46183] [PATCH 1/1] gnu: libgcrypt: Update to 1.9.1., Tobias Geerinckx-Rice, 2021/01/30
    - [bug#46183] [PATCH 1/1] gnu: libgcrypt: Update to 1.9.1., Guillaume Le Vaillant, 2021/01/30
- [bug#46183] [PATCH 0/1] Update gcrypt [URGENT SECURITY ISSUE], lordyuuma <=

Prev by Date: [bug#45875] [PATCH] Update gnunet to version 0.14.0
Next by Date: [bug#45875] [PATCH] Update gnunet to version 0.14.0
Previous by thread: [bug#46183] [PATCH 1/1] gnu: libgcrypt: Update to 1.9.1.
Next by thread: [bug#46185] [PATCH] services: knot: Fix an acl and a key verification.
Index(es):
- Date
- Thread