Suggestions search

Untriaged

Filter by:

With package: python314Packages.python-gnupg

Found 2 matching suggestions

View:

Compact

Detailed

Permalink CVE-2014-3591

created 1 month ago

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement …

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.

References

http://www.cs.tau.ac.il/~tromer/radioexp/ x_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html x_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html x_refsource_MISC
http://www.debian.org/security/2015/dsa-3184 x_refsource_MISC
http://www.debian.org/security/2015/dsa-3185 x_refsource_MISC
http://www.cs.tau.ac.il/~tromer/radioexp/ x_transferred x_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html x_transferred x_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html x_transferred x_refsource_MISC
http://www.debian.org/security/2015/dsa-3184 x_transferred x_refsource_MISC
http://www.debian.org/security/2015/dsa-3185 x_transferred x_refsource_MISC
http://www.cs.tau.ac.il/~tromer/radioexp/ x_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html x_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html x_refsource_MISC
http://www.debian.org/security/2015/dsa-3184 x_refsource_MISC
http://www.debian.org/security/2015/dsa-3185 x_refsource_MISC
http://www.cs.tau.ac.il/~tromer/radioexp/ x_transferred x_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html x_transferred x_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html x_transferred x_refsource_MISC
http://www.debian.org/security/2015/dsa-3184 x_transferred x_refsource_MISC
http://www.debian.org/security/2015/dsa-3185 x_transferred x_refsource_MISC

Affected products

GnuPG

==before 1.4.19

Libgcrypt

==before 1.6.3

Matching in nixpkgs

pkgs.gnupg

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8
nixos-25.11 2.4.8
- nixos-25.11-small 2.4.8
- nixpkgs-25.11-darwin 2.4.8

pkgs.gnupg1

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation with symbolic links for gpg and gpgv

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8
nixos-25.11 2.4.8
- nixos-25.11-small 2.4.8
- nixpkgs-25.11-darwin 2.4.8

pkgs.gnupg24

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8
nixos-25.11 2.4.8
- nixos-25.11-small 2.4.8
- nixpkgs-25.11-darwin 2.4.8

pkgs.libgcrypt

General-purpose cryptographic library

nixos-unstable 1.11.2
- nixpkgs-unstable 1.11.2
- nixos-unstable-small 1.11.2
nixos-25.11 1.11.2
- nixos-25.11-small 1.11.2
- nixpkgs-25.11-darwin 1.11.2

pkgs.pam_gnupg

Unlock GnuPG keys on login

nixos-unstable 0.4
- nixpkgs-unstable 0.4
- nixos-unstable-small 0.4
nixos-25.11 0.4
- nixos-25.11-small 0.4
- nixpkgs-25.11-darwin 0.4

pkgs.gnupg1compat

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation with symbolic links for gpg and gpgv

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8
nixos-25.11 2.4.8
- nixos-25.11-small 2.4.8
- nixpkgs-25.11-darwin 2.4.8