/ 
Alien-GCrypt-1.6.5.0
River stage one • 2 direct dependents • 2 total dependents
⭐ Starred 0 GitHub stars
/ Alien::GCrypt
Security Advisories (2)
CVE-2021-40528 (2021-09-06)

The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.

CVE-2018-0495 (2018-06-13)

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

NAME

Alien::GCrypt - Install and make available libgcrypt

VERSION

version 1.6.5.0

SYNOPSIS

use Alien::GCrypt;

my $cflags = Alien::GCrypt->cflags;
my $libs = Alien::GCrypt->libs;

DESCRIPTION

Alien::GCrypt installs the C library libgcrypt v1.6.5.

SEE ALSO

AUTHOR

Alex J. G. Burzyński <ajgb@cpan.org>

COPYRIGHT AND LICENSE

This software is copyright (c) 2016 by Alex J. G. Burzyński <ajgb@cpan.org>.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.