7a9f5c9120
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. Patch from commit e2202ff2b704623efc6277fb5256e4e15bac5676 in git://git.gnupg.org/libgcrypt.git (From OE-Core rev: d1e0f3e71ce9978ff0fc94d71e67b528dad84c5c) Signed-off-by: Yong Zhang <yong.zhang@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> |
||
---|---|---|
.. | ||
CVE-2013-4242.patch | ||
CVE-2013-4351.patch | ||
CVE-2013-4576.patch | ||
GnuPG1-CVE-2012-6085.patch | ||
configure.patch | ||
curl_typeof_fix_backport.patch | ||
long-long-thumb.patch | ||
mips_gcc4.4.patch |