openSUSE Security Update : libgcrypt (openSUSE-2015-566)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update fixes two security vulnerabilities (bsc#920057) :

- Use ciphertext blinding for Elgamal decryption
[CVE-2014-3591]. See for details.

- Fixed data-dependent timing variations in modular
exponentiation [related to CVE-2015-0837, Last-Level
Cache Side-Channel Attacks are Practical]

See also :

Solution :

Update the affected libgcrypt packages.

Risk factor :


Family: SuSE Local Security Checks

Nessus Plugin ID: 85835 ()

Bugtraq ID:

CVE ID: CVE-2014-3591

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now