Bugzilla – Bug 994157
VUL-0: CVE-2016-6313: libgcrypt,gpg: RNG prediction vulnerability
Last modified: 2018-11-04 23:45:16 UTC
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html The GnuPG Project is pleased to announce the availability of new Libgcrypt and GnuPG versions to *fix a critical security problem*. Felix Dörre and Vladimir Klebanov from the Karlsruhe Institute of Technology found a bug in the mixing functions of Libgcrypt's random number generator: An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. This bug exists since 1998 in all GnuPG and Libgcrypt versions. Impact ====== All Libgcrypt and GnuPG versions released before 2016-08-17 are affected on all platforms. A first analysis on the impact of this bug in GnuPG shows that existing RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely that the private key can be predicted from other public information. This needs more research and I would suggest _not to_ overhasty revoke keys. https://twitter.com/gnupg/status/765956493720055808 > Sorry, the CVE in the announcement is wrong. > CVE-2016-6313 is the right one and used in commit messages. fixed in: Libgcrypt: 1.7.3, 1.6.6, and 1.5.6. GnuPG 1.4.21. http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=2f62103b4bb6d6f9ce806e01afb7fdc58aa33513 http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=8dd45ad957b54b939c288a68720137386c7f6501 http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=e23eec8c9a602eee0a09851a54db0f5d611f125c http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=c6dbfe89903d0c8191cf50ecf1abb3c8458b427a
bugbot adjusting priority
http://formal.iti.kit.edu/~klebanov/pubs/libgcrypt-cve-2016-6313.pdf
This is an autogenerated message for OBS integration: This bug (994157) was mentioned in https://build.opensuse.org/request/show/421369 13.2 / libgcrypt
openSUSE-SU-2016:2208-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 994157 CVE References: CVE-2016-6313 Sources used: openSUSE 13.2 (src): libgcrypt-1.6.1-8.19.1
An update workflow for this issue was started. This issue was rated as important. Please submit fixed packages until 2016-09-08. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/63014
Premysl, can you also submit a fix for gpg 1.4 in SUSE:SLE-10-SP3:Update:Test gpg
@Marcus SLE10 has gnupg 1.9.18, I can't find anything to patch there.
Premysl, there are two supported gnupg packages in SLE-10: gpg (1.4.2) and gpg2 (1.9.18)
SUSE-SU-2016:2345-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 994157 CVE References: CVE-2016-6313 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP1 (src): libgcrypt-1.6.1-16.33.1 SUSE Linux Enterprise Server 12-SP1 (src): libgcrypt-1.6.1-16.33.1 SUSE Linux Enterprise Desktop 12-SP1 (src): libgcrypt-1.6.1-16.33.1
SUSE-SU-2016:2346-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 994157 CVE References: CVE-2016-6313 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): libgcrypt-1.5.0-0.22.1 SUSE Linux Enterprise Server 11-SP4 (src): libgcrypt-1.5.0-0.22.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): libgcrypt-1.5.0-0.22.1
openSUSE-SU-2016:2423-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 994157 CVE References: CVE-2016-6313 Sources used: openSUSE Leap 42.1 (src): libgcrypt-1.6.1-32.1
released