Alerts This Week
Warning Icon 1 474
Alerts This Week
Warning Icon 1 474

openSUSE: 2019:1951-1 Moderate: dkgpg and libTMCG Security Update

opensuse
Calendar Grey August 19, 2019
Dist Opensuse Esm H88
openSUSE Security Advisory: Essential update for gpgme and libTPM with vulnerabilities addressed in versions 2.1.14 and 1.0.6.
An update that contains security fixes can now be installed.

Description

This update for dkgpg, libTMCG fixes the following issues:

libTMCG was updated to version 1.3.18

* This release is two-fold: first, it fixes some bugs (e.g. iterated S2K)

of the OpenPGP interface, and second, it adds functionality for handling

v5 keys and signatures (see RFC 4880bis-07).

Update to version 1.3.17

* VTMF,ASTC,DKG,VRHE,EOTP,COM,VSS: make CheckGroup() more robust

* VSSHE: security bugfix for Verify_[non]interactive_[_publiccoin]

* mpz_spowm: added check for correct base in fast exponentiation

* mpz_sqrtm: remove unused parameter in tmcg_mpz_qrmn_p()

* configure.ac: added compiler option "-Wextra"

* mpz_sprime: added tmcg_mpz_smprime() with increased B = 80000

* RFC4880: changed type of tmcg_openpgp_mem_alloc to unsigned long

Update to version 1.3.16

* changed constant TMCG_MAX_CARDS (decreased by factor 2)

* changed formulas for TMCG_MAX_VALUE_CHARS and TMCG_MAX_KEY_CHARS

* RFC4880: added support of...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate security fix patch openSUSE libTMCG dkgpg

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-1951=1

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-1951=1

Package List

- openSUSE Leap 15.1 (x86_64):

dkgpg-1.1.3-lp151.3.3.1

dkgpg-debuginfo-1.1.3-lp151.3.3.1

dkgpg-debugsource-1.1.3-lp151.3.3.1

libTMCG-debugsource-1.3.18-lp151.3.3.1

libTMCG-devel-1.3.18-lp151.3.3.1

libTMCG18-1.3.18-lp151.3.3.1

libTMCG18-debuginfo-1.3.18-lp151.3.3.1

- openSUSE Leap 15.0 (x86_64):

dkgpg-1.1.3-lp150.2.3.1

dkgpg-debuginfo-1.1.3-lp150.2.3.1

dkgpg-debugsource-1.1.3-lp150.2.3.1

libTMCG-debugsource-1.3.18-lp150.2.3.1

libTMCG-devel-1.3.18-lp150.2.3.1

libTMCG18-1.3.18-lp150.2.3.1

libTMCG18-debuginfo-1.3.18-lp150.2.3.1

References

--

Announcement ID: openSUSE-SU-2019:1951-1
Rating: moderate
Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0

Topics%20covered

Topics Covered

security advisory moderate security fix patch openSUSE libTMCG dkgpg

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here