Endpoint Vulnerability

RHSA-2020:4482: libgcrypt security, bug fix, and enhancement update (Moderate)

Description

The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. The following packages have been upgraded to a later upstream version: libgcrypt (1.8.5). (BZ#1764918) Security Fix(es): * libgcrypt: ECDSA timing attack allowing private key leak (CVE-2019-13627) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.

Affected Products

RFE

References

CVE-2019-13627,