USN-4236-3: Libgcrypt vulnerability
28 January 2020
Libgcrypt could be made to expose sensitive information.
- libgcrypt11 - LGPL Crypto library
USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that Libgcrypt was susceptible to a ECDSA timing attack.
An attacker could possibly use this attack to recover sensitive