Hi, > Enviar: viernes 30 de junio de 2017 a las 18:04 > De: "Jos Chrispijn" <[email protected]> > Para: "FreeBSD Ports ML" <[email protected]>, [email protected] > Asunto: Vulnerability > > Dear port maintainer, > > Just to let you know that I ran into the following vulenerability report: > > libgcrypt-1.7.7 is vulnerable: > libgcrypt -- side-channel attack on RSA secret keys > CVE: CVE-2017-7526 > WWW:https://vuxml.FreeBSD.org/freebsd/ed3bf433-5d92-11e7-aa14-e8e0b747a45a.html > > Could you send out a port update? Thanks in advance! >
I have submitted a patch to update libgcrypt to 1.7.8 (still pending for an exp-run) https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220382 You can grab the patch, apply and build the port. > Keep up the good work, > Jos Chrispijn > > Kind regards, -- Carlos Jacobo Puga Medina <[email protected]> _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[email protected]"
