openSUSE Recommended Update: libgcrypt: update to 1.5.3 ______________________________________________________________________________ Announcement ID: openSUSE-RU-2013:1302-1 Rating: low References: #810759 #831359 Affected Products: openSUSE 11.4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: * Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys.(bnc#831359) * add GPL3.0+ to License tag because of dumpsexp (bnc#810759) Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch 2013-119 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (i586 x86_64): libgcrypt-debugsource-1.5.3-6.1 libgcrypt-devel-1.5.3-6.1 libgcrypt-devel-debuginfo-1.5.3-6.1 libgcrypt11-1.5.3-6.1 libgcrypt11-debuginfo-1.5.3-6.1 - openSUSE 11.4 (x86_64): libgcrypt-devel-32bit-1.5.3-6.1 libgcrypt-devel-debuginfo-32bit-1.5.3-6.1 libgcrypt11-32bit-1.5.3-6.1 libgcrypt11-debuginfo-32bit-1.5.3-6.1 - openSUSE 11.4 (ia64): libgcrypt-devel-debuginfo-x86-1.5.3-6.1 libgcrypt11-debuginfo-x86-1.5.3-6.1 libgcrypt11-x86-1.5.3-6.1 References: https://bugzilla.novell.com/810759 https://bugzilla.novell.com/831359