Accepted libgcrypt20 1.7.6-2+deb9u1 (all source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 01 Jul 2017 11:01:58 +0200
Source: libgcrypt20
Binary: libgcrypt20-doc libgcrypt20-dev libgcrypt20 libgcrypt20-udeb libgcrypt11-dev libgcrypt-mingw-w64-dev
Architecture: all source
Version: 1.7.6-2+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description:
libgcrypt11-dev - transitional libgcrypt11-dev package
libgcrypt20-dev - LGPL Crypto library - development files
libgcrypt20-doc - LGPL Crypto library - documentation
libgcrypt20 - LGPL Crypto library - runtime library
libgcrypt20-udeb - LGPL Crypto library - runtime library (udeb)
libgcrypt-mingw-w64-dev - LGPL Crypto library - Windows development
Changes:
libgcrypt20 (1.7.6-2+deb9u1) stretch-security; urgency=high
.
* 31_CVE-2017-752*.patch from upstream 1.7.8 release: Mitigate a
flush+reload side-channel attack on RSA secret keys dubbed "Sliding right
into disaster". For details see <https://eprint.iacr.org/2017/627>.
[CVE-2017-7526]
Checksums-Sha1:
0254545c274f7a72f4812e08985a1067d229643f 2942 libgcrypt20_1.7.6-2+deb9u1.dsc
d2b9e0f413064cfc67188f80d3cbda887c755a62 2897695 libgcrypt20_1.7.6.orig.tar.bz2
fe3a20f0168d841e8f144ff22272b378e0460526 310 libgcrypt20_1.7.6.orig.tar.bz2.asc
b9a5075b6aa04097d0ab8fa85f1a4ac73715ec7b 30308 libgcrypt20_1.7.6-2+deb9u1.debian.tar.xz
2c9723a2fd3143878a232db25e3251b8e7c28c2f 2316448 libgcrypt-mingw-w64-dev_1.7.6-2+deb9u1_all.deb
abb72e7762708f2dad9a070483df47f367381bc8 874286 libgcrypt20-doc_1.7.6-2+deb9u1_all.deb
Checksums-Sha256:
b83c76db58ec1e27257df872e342d2045a476819549252e0ffeb03ed2cbe570c 2942 libgcrypt20_1.7.6-2+deb9u1.dsc
626aafee84af9d2ce253d2c143dc1c0902dda045780cc241f39970fc60be05bc 2897695 libgcrypt20_1.7.6.orig.tar.bz2
91ad5a0efafb0edc63c083f733ce476b2a0da663aea5118126aa63825d314e00 310 libgcrypt20_1.7.6.orig.tar.bz2.asc
df274675ca3dce4dcbf9ec58e75fdf279a492f4fc91aa2f2d52d368ee9c0ed82 30308 libgcrypt20_1.7.6-2+deb9u1.debian.tar.xz
fb742622b7191866ceb80674444731476a51c893ddd62d8e8b7a3aa17a5fc5bb 2316448 libgcrypt-mingw-w64-dev_1.7.6-2+deb9u1_all.deb
057d7b0f7c84cba2e2811fe492e830a75ebc67f5cfebf4163e131c26c34ee1f3 874286 libgcrypt20-doc_1.7.6-2+deb9u1_all.deb
Files:
abdf721ada2ac41537f5d0825a4f6035 2942 libs optional libgcrypt20_1.7.6-2+deb9u1.dsc
54e180679a7ae4d090f8689ca32b654c 2897695 libs optional libgcrypt20_1.7.6.orig.tar.bz2
ebb27eec1079d3417bb08e571563d556 310 libs optional libgcrypt20_1.7.6.orig.tar.bz2.asc
53c2418a6253d2922cc901b6ddb0ec95 30308 libs optional libgcrypt20_1.7.6-2+deb9u1.debian.tar.xz
f0be034bba560681833888ae25339438 2316448 libdevel extra libgcrypt-mingw-w64-dev_1.7.6-2+deb9u1_all.deb
dd9f1590839b72b9ab28f707bd727991 874286 doc optional libgcrypt20-doc_1.7.6-2+deb9u1_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAllXaZoACgkQpU8BhUOC
FISJ3g/+NYDaUhoJEE0D4WOrmbxhvf5s4JFbQCXOKF4qezVB7MIxD1VhNbaZQbb5
se5QzGjxVntGGXNpJGkVmdqqLvoD+ekKrscd4ZQcRqQSvIhCKuqTKHwdi6+7+rqS
TboVu6x6E6Nos8lwdILmB9kYkpaOtYcdwkT/JaxYJyL7ETddF+8YUNkDsf17m7i/
WhTVP8CsxB7tGtCbmzaJNmu/EC0mpDY36FSDIwsttEfciJxnFh8SRgzrDFvd57w6
iGkifPqqyyGOPlaL1hqub1VSzMZHyOxPNSnBkTlteaDOl07vvbXg797mZn1AgSwd
l1wbm62PyiI1p4KwyT9NjAIGvhCUrIEiFZuaEQrs/fNr4Sz3HjvVpLs6R6QYpMaT
xMGq/nzO8/5eJiyyRxBG08EpDSlFTYYAy6vi491cM6maYaPWFzvfaV/BScL4GnAe
MrMkXvm2jARBLsq9XrgDks5bKsreXVYjQ4vptEk36ihfvRw7tFRnGjWeyQ45z6Lr
Cjp4ZkY5IxMgZN7Sg1aYaB+LeSJWu3/oRNKHDtXyKD/fuqswwD+bt1WO3Rrqa7hr
nOYd0PTaPVpZkMBSpnzFOB6iKlyFBcaxHuO9S/KfN3Qlu+oSPFkz6qOMuLIT4Nye
22iArBhdUoEjDnHOExLLYwz7spUIsQWzl39XvDKqbYG2OzItJSs=
=4E24
-----END PGP SIGNATURE-----