Sunday, August 4, 2013

Security Update: gnupg and libgcrypt

In order to mitigate a flush+reload side-channel attack on RSA secret keys, a new gnupg/libgcrypt/libgpg-error are now pushed to several Slackware version, back to Slackware 12.1. The new libgpg-error is needed since the current version on some Slackware releases are not new enough to compile the libgcrypt library.

On -Current, there has been a bigger changes rather than security update only. Here are the recap:
  • etc upgraded to 14.1 
  • floppy upgraded to 5.5
  • calligra upgraded to 2.7.1
  • dhcpcd upgraded to 6.0.5
  • ethtool upgraded to 3.10
  • iproute2 upgraded to 3.10.0
  • several packages in x/ and testing/xorg-server-1.14.x are upgraded to the latest version. 
  • Packages on testing are suffixed with _testing so that it can have the same build number as the main packages