Oval Definition:oval:com.redhat.rhsa:def:20162674
Revision Date:2016-11-08Version:638
Title:RHSA-2016:2674: libgcrypt security update (Moderate)
Description:The libgcrypt library provides general-purpose implementations of various cryptographic algorithms.

Security Fix(es):

  • A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. (CVE-2016-6313)

    Red Hat would like to thank Felix Dörre and Vladimir Klebanov for reporting this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2016-6313
    RHSA-2016:2674
    RHSA-2016:2674-00
    RHSA-2016:2674-01
    RHSA-2016:2674-02
    RHSA-2016:2674-02
    Platform(s):Red Hat Enterprise Linux 6
    Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • libgcrypt is earlier than 0:1.4.5-12.el6_8
  • AND libgcrypt is signed with Red Hat redhatrelease2 key
  • libgcrypt-devel is earlier than 0:1.4.5-12.el6_8
  • AND libgcrypt-devel is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • libgcrypt is earlier than 0:1.5.3-13.el7_3.1
  • AND libgcrypt is signed with Red Hat redhatrelease2 key
  • libgcrypt-devel is earlier than 0:1.5.3-13.el7_3.1
  • AND libgcrypt-devel is signed with Red Hat redhatrelease2 key
    • BACK