summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/gnupg/gnupg_1.4.7.bb
diff options
context:
space:
mode:
authorKai Kang <kai.kang@windriver.com>2014-10-15 15:16:31 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-10-18 16:14:04 +0200
commit7a9f5c9120d9330fae5f432630de120be11c28d9 (patch)
treef66ec063b4791aba7700e70b4f6f059fae68fbae /meta/recipes-support/gnupg/gnupg_1.4.7.bb
parent754288c387b058843d0885fc7e02b4a34e2b3aab (diff)
downloadpoky-7a9f5c9120d9330fae5f432630de120be11c28d9.tar.gz
gnupg: CVE-2013-4242
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. Patch from commit e2202ff2b704623efc6277fb5256e4e15bac5676 in git://git.gnupg.org/libgcrypt.git (From OE-Core rev: d1e0f3e71ce9978ff0fc94d71e67b528dad84c5c) Signed-off-by: Yong Zhang <yong.zhang@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/gnupg/gnupg_1.4.7.bb')
-rw-r--r--meta/recipes-support/gnupg/gnupg_1.4.7.bb1
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-support/gnupg/gnupg_1.4.7.bb b/meta/recipes-support/gnupg/gnupg_1.4.7.bb
index ddcc2c24fe..7be56fd7b5 100644
--- a/meta/recipes-support/gnupg/gnupg_1.4.7.bb
+++ b/meta/recipes-support/gnupg/gnupg_1.4.7.bb
@@ -17,6 +17,7 @@ SRC_URI = "ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-${PV}.tar.bz2 \
17 file://curl_typeof_fix_backport.patch \ 17 file://curl_typeof_fix_backport.patch \
18 file://CVE-2013-4351.patch \ 18 file://CVE-2013-4351.patch \
19 file://CVE-2013-4576.patch \ 19 file://CVE-2013-4576.patch \
20 file://CVE-2013-4242.patch \
20 " 21 "
21 22
22SRC_URI[md5sum] = "b06a141cca5cd1a55bbdd25ab833303c" 23SRC_URI[md5sum] = "b06a141cca5cd1a55bbdd25ab833303c"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-10 09:37:57 +0000