[ubuntu/wily-proposed] libgcrypt20 1.6.3-2ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu May 21 12:37:24 UTC 2015 

libgcrypt20 (1.6.3-2ubuntu1) wily; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/rules: Drop from -O3 to -O2 to work around FTBFS on ppc64el.

libgcrypt20 (1.6.3-2) unstable; urgency=medium

  * Upload to unstable.
  * Fix Vcs-Browser link.

libgcrypt20 (1.6.3-1) experimental; urgency=medium

  * Use ascii-armored debian/upstream/signing-key.asc instead of
    debian/upstream-signing-key.pgp for uscan's verification. This alllows us
    to drop debian/source/include-binaries. Add 2071B08A33BD3F06 as accepted
    key.
  * New upstream release.
    + Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
      See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
    + Fixed data-dependent timing variations in modular exponentiation
      [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
      are Practical].

Date: Thu, 21 May 2015 08:06:59 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libgcrypt20/1.6.3-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 21 May 2015 08:06:59 -0400
Source: libgcrypt20
Binary: libgcrypt20-doc libgcrypt20-dev libgcrypt20-dbg libgcrypt20 libgcrypt20-udeb libgcrypt11-dev
Architecture: source
Version: 1.6.3-2ubuntu1
Distribution: wily
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 libgcrypt11-dev - transitional libgcrypt11-dev package
 libgcrypt20 - LGPL Crypto library - runtime library
 libgcrypt20-dbg - LGPL Crypto library - debugger files
 libgcrypt20-dev - LGPL Crypto library - development files
 libgcrypt20-doc - LGPL Crypto library - documentation
 libgcrypt20-udeb - LGPL Crypto library - runtime library (udeb)
Changes:
 libgcrypt20 (1.6.3-2ubuntu1) wily; urgency=medium
 .
   * Merge from Debian unstable, remaining changes:
     - debian/rules: Drop from -O3 to -O2 to work around FTBFS on ppc64el.
 .
 libgcrypt20 (1.6.3-2) unstable; urgency=medium
 .
   * Upload to unstable.
   * Fix Vcs-Browser link.
 .
 libgcrypt20 (1.6.3-1) experimental; urgency=medium
 .
   * Use ascii-armored debian/upstream/signing-key.asc instead of
     debian/upstream-signing-key.pgp for uscan's verification. This alllows us
     to drop debian/source/include-binaries. Add 2071B08A33BD3F06 as accepted
     key.
   * New upstream release.
     + Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
       See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
     + Fixed data-dependent timing variations in modular exponentiation
       [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
       are Practical].
Checksums-Sha1:
 acd60ffe4b72cdd57b5feaac8a7d6ab1970c936d 2652 libgcrypt20_1.6.3-2ubuntu1.dsc
 9456e7b64db9df8360a1407a38c8c958da80bbf1 2494052 libgcrypt20_1.6.3.orig.tar.bz2
 96c679e9fba8fe9c5c9173b3d21d00cc6d53d2d9 28100 libgcrypt20_1.6.3-2ubuntu1.debian.tar.xz
Checksums-Sha256:
 06953a9efadff867f34666c50ad42971ab3855961272b59ee433c42fb8ff4130 2652 libgcrypt20_1.6.3-2ubuntu1.dsc
 41b4917b93ae34c6a0e2127378d7a4d66d805a2a86a09911d4f9bd871db7025f 2494052 libgcrypt20_1.6.3.orig.tar.bz2
 fb4d5641813f567e82ed060418fa97866d4930ef1b12ef9d9412d12a603fe486 28100 libgcrypt20_1.6.3-2ubuntu1.debian.tar.xz
Files:
 2f2d5b97a0e195f9c8219e333328748f 2652 libs optional libgcrypt20_1.6.3-2ubuntu1.dsc
 4262c3aadf837500756c2051a5c4ae5e 2494052 libs optional libgcrypt20_1.6.3.orig.tar.bz2
 78cb0de2901143f1d22dbe837cd34095 28100 libs optional libgcrypt20_1.6.3-2ubuntu1.debian.tar.xz
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVXc7DAAoJEGVp2FWnRL6TLGkQAJ2bSuhnB9qacJSNGFKZCWzb
nAFgrqlLHxlSj7ga1GGitZ1YUM958mZPsO6YnWfIjhzeWfX/ryZk2/VyFGN/1gLk
9gNs2XAosEcq8fGgx04bEZKrVXHPZuoCbm2ujmZfFG3WX/rGoJROqdAHPBgj7pcb
1arfFCsC/hlMv27ZvbhJLezYx2hUx41hDM34japGpBekGomoP/jJb6BR2/yGnYc+
Of9qyK1jd3gF5JCZTf8SsLLTEy3oYSpQU3qSgNG3CGyVlOtAJCD4jOKiLHesKXgO
msagyKHxPSv/RmjZygWj4guxvtBlD7UCtSv4qqrq7YIHsysEZRlh+mZUlpi1Q6rp
1k8imUFRMMwdu07KmRwG3VGaj9c/ruuhCrBo034eWMiIb8wDd5zKBX314UQCtyJ/
GIhz9oTOc6o/F4qvwLbsg3StSH2R8invvSmqS07FM4WfjNOfHls91Xls+Kipw6SG
pEjxYkts188WvdtkIp60ZcPhX/yJE7BrE1aMFsL5iatOJ41rnO3bDT/HjZsTSS2l
SNJZmoHD6hIS2U6uMq5VZsAQQiX4x8dVviO9qEljtT0OCLNLeujDOoHjJLLpC90F
xKlquYFu1y110j0cLI0weUtnaaLB4o4yADI5LZbi+ndYvYZLeGmH6iG7x+r7g8nC
CDT+G7594rgWl0pkHodz
=2iv4
-----END PGP SIGNATURE-----

More information about the Wily-changes mailing list