USN-5080-2: Libgcrypt vulnerabilities
16 September 2021
Libgcrypt could be made to expose sensitive information.
Releases
Packages
- libgcrypt20 - LGPL Crypto library
Details
USN-5080-1 fixed several vulnerabilities in Libgcrypt. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An
attacker could possibly use this issue to recover sensitive information.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04
-
libgcrypt20
-
1.6.5-2ubuntu0.6+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.