openSUSE Security Update : libgcrypt (openSUSE-2015-597)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

libgcrypt was updated to include countermeasures against Lenstra's
fault attack on RSA Chinese Remainder Theorem optimization in RSA.

A signature verification step was updated to protect against leaks of
private keys in case of hardware faults or implementation errors in
numeric libraries.

GnuPG already performed this check by itself and was not affected.
This fix is equivalent, but not equal to CVE-2015-5738

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=944835

Solution :

Update the affected libgcrypt packages.

Risk factor :

Low

Family: SuSE Local Security Checks

Nessus Plugin ID: 86090 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now