libgcrypt: security bump to version 1.6.3

Fixes:
CVE-2014-3591 - Use ciphertext blinding for Elgamal decryption
CVE-2015-0837 - Fixed data-dependent timing variations in modular
exponentiation.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Gustavo Zacarias 2015-02-28 08:09:12 -03:00 committed by Peter Korsgaard
parent 67cebbdf5f
commit b3db3aba6e
2 changed files with 3 additions and 3 deletions

View File

@ -1,2 +1,2 @@
# From http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000355.html
sha1 cc31aca87e4a3769cb86884a3f5982b2cc8eb7ec libgcrypt-1.6.2.tar.bz2
# From http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html
sha1 9456e7b64db9df8360a1407a38c8c958da80bbf1 libgcrypt-1.6.3.tar.bz2

View File

@ -4,7 +4,7 @@
#
################################################################################
LIBGCRYPT_VERSION = 1.6.2
LIBGCRYPT_VERSION = 1.6.3
LIBGCRYPT_SOURCE = libgcrypt-$(LIBGCRYPT_VERSION).tar.bz2
LIBGCRYPT_LICENSE = LGPLv2.1+
LIBGCRYPT_LICENSE_FILES = COPYING.LIB